Shodan
Vulnerabilities
Vulnerable Software
Zohocorp:  Security Vulnerabilities
CVE-2024-5546
Zohocorp ManageEngine Password Manager Pro versions before 12431 and ManageEngine PAM360 versions before 7001 are affected by authenticated SQL Injection vulnerability via a global search option.
CVSS Score
8.3
EPSS Score
0.023
Published
2024-08-28
CVE-2024-41150
An Stored Cross-site Scripting vulnerability in request module affects Zohocorp ManageEngine ServiceDesk Plus, ServiceDesk Plus MSP and SupportCenter Plus.This issue affects ServiceDesk Plus versions: through 14810; ServiceDesk Plus MSP: through 14800; SupportCenter Plus: through 14800.
CVSS Score
6.3
EPSS Score
0.005
Published
2024-08-23
CVE-2024-38869
Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability in remote office deploy configurations.This issue affects Endpoint Central: before 11.3.2416.04 and before 11.3.2400.25.
CVSS Score
8.3
EPSS Score
0.001
Published
2024-08-23
CVE-2024-5466
Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option.
CVSS Score
8.8
EPSS Score
0.044
Published
2024-08-23
CVE-2024-5467
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in account lockout report.
CVSS Score
8.3
EPSS Score
0.02
Published
2024-08-23
CVE-2024-5490
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in aggregate reports option.
CVSS Score
8.3
EPSS Score
0.02
Published
2024-08-23
CVE-2024-5556
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in reports module.
CVSS Score
8.3
EPSS Score
0.02
Published
2024-08-23
CVE-2024-5586
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in extranet lockouts report option.
CVSS Score
8.3
EPSS Score
0.02
Published
2024-08-23
CVE-2024-36515
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different from another vulnerability (CVE-2024-36516), both of which have affected ADAudit Plus' dashboard.
CVSS Score
8.3
EPSS Score
0.02
Published
2024-08-23
CVE-2024-36516
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different from another vulnerability (CVE-2024-36515), both of which have affected ADAudit Plus' dashboard.
CVSS Score
8.3
EPSS Score
0.02
Published
2024-08-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved