Zohocorp: Security Vulnerabilities
ZohoCorp ManageEngine Endpoint Central versions prior to 11.4.2528.05 are vulnerable to a sensitive information logging issue. An authenticated user with access to the logs could potentially obtain the sensitive agent token.
CVSS Score
3.2
EPSS Score
0.002
Published
2025-10-27
Zohocorp ManageEngine Applications Manager versions 176800 and below are vulnerable to information disclosure in File/Directory monitor.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-10-21
Zohocorp ManageEngine ADManager Plus version before 8024 are vulnerable to authenticated command injection vulnerability in the Custom Script component.
CVSS Score
8.5
EPSS Score
0.006
Published
2025-10-21
Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL Injection via the key update api.
CVSS Score
8.3
EPSS Score
0.006
Published
2025-10-21
Zohocorp ManageEngine EndPoint Central versions 11.4.2516.1 and prior are vulnerable to XML Injection.
CVSS Score
5.2
EPSS Score
0.0
Published
2025-10-21
ZohoCorp ManageEngine Endpoint Central versions earlier than 11.4.2508.14, 11.4.2516.06, and 11.4.2518.01 are affected by an arbitrary file deletion vulnerability in the agent setup component.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-10-21
ZohoCorp ManageEngine Endpoint Central was impacted by an improper privilege management issue in the agent setup.
This issue affects Endpoint Central: through 11.4.2500.25, through 11.4.2508.13.
CVSS Score
3.9
EPSS Score
0.0
Published
2025-09-25
Zohocorp ManageEngine Applications Manager versions 176600 and prior are vulnerable to stored cross-site scripting in the File/Directory monitor.
CVSS Score
6.4
EPSS Score
0.002
Published
2025-07-23
Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Attachments by filename keyword report.
CVSS Score
8.1
EPSS Score
0.079
Published
2025-06-26
Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Folder-wise read mails with subject report.
CVSS Score
8.1
EPSS Score
0.079
Published
2025-06-26