Show filters
7 Total Results
Displaying 1-7 of 7
Sort by:
Attacker Value
Unknown
CVE-2020-28679
Disclosure Date: January 10, 2022 (last updated October 07, 2023)
A vulnerability in the showReports module of Zoho ManageEngine Applications Manager before build 14550 allows authenticated attackers to execute a SQL injection via a crafted request.
0
Attacker Value
Unknown
CVE-2020-27733
Disclosure Date: January 19, 2021 (last updated February 22, 2025)
Zoho ManageEngine Applications Manager before 14 build 14880 allows an authenticated SQL Injection via a crafted Alarmview request.
0
Attacker Value
Unknown
CVE-2020-27995
Disclosure Date: October 29, 2020 (last updated February 22, 2025)
SQL Injection in Zoho ManageEngine Applications Manager 14 before 14560 allows an attacker to execute commands on the server via the MyPage.do template_resid parameter.
0
Attacker Value
Unknown
CVE-2020-15394
Disclosure Date: September 25, 2020 (last updated February 22, 2025)
The REST API in Zoho ManageEngine Applications Manager before build 14740 allows an unauthenticated SQL Injection via a crafted request, leading to Remote Code Execution.
0
Attacker Value
Unknown
CVE-2020-15521
Disclosure Date: September 25, 2020 (last updated February 22, 2025)
Zoho ManageEngine Applications Manager before 14 build 14730 has no protection against jsp/header.jsp Cross-site Scripting (XSS) .
0
Attacker Value
Unknown
CVE-2020-14008
Disclosure Date: September 04, 2020 (last updated February 22, 2025)
Zoho ManageEngine Applications Manager 14710 and before allows an authenticated admin user to upload a vulnerable jar in a specific location, which leads to remote code execution.
0
Attacker Value
Unknown
CVE-2019-19800
Disclosure Date: February 06, 2020 (last updated February 21, 2025)
Zoho ManageEngine Applications Manager 14 before 14520 allows a remote unauthenticated attacker to disclose OS file names via FailOverHelperServlet.
0
