Filtered by vendor Zohocorp Subscriptions
Total 496 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-41081 1 Zohocorp 1 Manageengine Network Configuration Manager 2024-11-21 9.8 Critical
Zoho ManageEngine Network Configuration Manager before 125465 is vulnerable to SQL Injection in a configuration search.
CVE-2021-41080 1 Zohocorp 1 Manageengine Network Configuration Manager 2024-11-21 9.8 Critical
Zoho ManageEngine Network Configuration Manager before 125465 is vulnerable to SQL Injection in a hardware details search.
CVE-2021-41075 1 Zohocorp 1 Manageengine Opmanager 2024-11-21 9.8 Critical
The NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is vulnerable to SQL Injection in the Attacks Module API.
CVE-2021-40539 1 Zohocorp 1 Manageengine Adselfservice Plus 2024-11-21 9.8 Critical
Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.
CVE-2021-40493 1 Zohocorp 1 Manageengine Opmanager 2024-11-21 9.8 Critical
Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the support diagnostics module. This occurs via the pollingObject parameter of the getDataCollectionFailureReason API.
CVE-2021-40178 1 Zohocorp 1 Manageengine Log360 2024-11-21 6.1 Medium
Zoho ManageEngine Log360 before Build 5224 allows stored XSS via the LOGO_PATH key value in the logon settings.
CVE-2021-40177 1 Zohocorp 1 Manageengine Log360 2024-11-21 9.8 Critical
Zoho ManageEngine Log360 before Build 5225 allows remote code execution via BCP file overwrite.
CVE-2021-40176 1 Zohocorp 1 Manageengine Log360 2024-11-21 6.1 Medium
Zoho ManageEngine Log360 before Build 5225 allows stored XSS.
CVE-2021-40175 1 Zohocorp 1 Manageengine Log360 2024-11-21 9.8 Critical
Zoho ManageEngine Log360 before Build 5219 allows unrestricted file upload with resultant remote code execution.
CVE-2021-40174 1 Zohocorp 1 Manageengine Log360 2024-11-21 8.8 High
Zoho ManageEngine Log360 before Build 5224 allows a CSRF attack for disabling the logon security settings.
CVE-2021-40173 1 Zohocorp 1 Manageengine Cloud Security Plus 2024-11-21 8.8 High
Zoho ManageEngine Cloud Security Plus before Build 4117 allows a CSRF attack on the server proxy settings.
CVE-2021-40172 1 Zohocorp 1 Manageengine Log360 2024-11-21 8.8 High
Zoho ManageEngine Log360 before Build 5219 allows a CSRF attack on proxy settings.
CVE-2021-3287 1 Zohocorp 1 Manageengine Opmanager 2024-11-21 9.8 Critical
Zoho ManageEngine OpManager before 12.5.329 allows unauthenticated Remote Code Execution due to a general bypass in the deserialization class.
CVE-2021-38298 1 Zohocorp 1 Manageengine Admanager Plus 2024-11-21 9.8 Critical
Zoho ManageEngine ADManager Plus before 7110 is vulnerable to blind XXE.
CVE-2021-37931 1 Zohocorp 1 Manageengine Admanager Plus 2024-11-21 9.8 Critical
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
CVE-2021-37930 1 Zohocorp 1 Manageengine Admanager Plus 2024-11-21 9.8 Critical
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
CVE-2021-37929 1 Zohocorp 1 Manageengine Admanager Plus 2024-11-21 9.8 Critical
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
CVE-2021-37928 1 Zohocorp 1 Manageengine Admanager Plus 2024-11-21 9.8 Critical
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
CVE-2021-37927 1 Zohocorp 1 Manageengine Admanager Plus 2024-11-21 9.8 Critical
Zoho ManageEngine ADManager Plus version 7110 and prior allows account takeover via SSO.
CVE-2021-37926 1 Zohocorp 1 Manageengine Admanager Plus 2024-11-21 9.8 Critical
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.