Show filters
17 Total Results
Displaying 11-17 of 17
Sort by:
Attacker Value
Unknown
CVE-2021-44514
Disclosure Date: December 09, 2021 (last updated October 07, 2023)
OpUtils in Zoho ManageEngine OpManager 12.5 before 125490 mishandles authentication for a few audit directories.
0
Attacker Value
Unknown
CVE-2021-40493
Disclosure Date: October 13, 2021 (last updated November 28, 2024)
Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the support diagnostics module. This occurs via the pollingObject parameter of the getDataCollectionFailureReason API.
0
Attacker Value
Unknown
CVE-2021-41075
Disclosure Date: October 13, 2021 (last updated November 28, 2024)
The NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is vulnerable to SQL Injection in the Attacks Module API.
0
Attacker Value
Unknown
CVE-2021-41288
Disclosure Date: September 30, 2021 (last updated November 28, 2024)
Zoho ManageEngine OpManager version 125466 and below is vulnerable to SQL Injection in the getReportData API.
0
Attacker Value
Unknown
CVE-2021-20078
Disclosure Date: April 01, 2021 (last updated November 28, 2024)
Manage Engine OpManager builds below 125346 are vulnerable to a remote denial of service vulnerability due to a path traversal issue in spark gateway component. This allows a remote attacker to remotely delete any directory or directories on the OS.
0
Attacker Value
Unknown
CVE-2020-13818
Disclosure Date: June 04, 2020 (last updated February 21, 2025)
In Zoho ManageEngine OpManager before 125144, when <cachestart> is used, directory traversal validation can be bypassed.
0
Attacker Value
Unknown
CVE-2020-11946
Disclosure Date: April 20, 2020 (last updated February 21, 2025)
Zoho ManageEngine OpManager before 125120 allows an unauthenticated user to retrieve an API key via a servlet call.
0
