Zohocorp: >> Manageengine Desktop Central >> 10.0.124 Security Vulnerabilities
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: database access using a superuser account (specifically, an account with permission to write to the filesystem via SQL queries).
CVSS Score
7.2
EPSS Score
0.074
Published
2018-04-18
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: a missing server-side check on the file type/extension when uploading and modifying scripts.
CVSS Score
9.8
EPSS Score
0.081
Published
2018-04-18
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: network services (Desktop Central and PostgreSQL) running with a superuser account.
CVSS Score
7.2
EPSS Score
0.022
Published
2018-04-18
Page 3