Vulnerabilities
Vulnerable Software
Zohocorp:  Security Vulnerabilities
The DCPluginServelet servlet in ManageEngine Desktop Central and Desktop Central MSP before build 90109 allows remote attackers to create administrator accounts via an addPlugInUser action.
CVSS Score
9.8
EPSS Score
0.814
Published
2018-01-04
Zoho ManageEngine Password Manager Pro 9 before 9.4 (9400) has reflected XSS in SearchResult.ec and BulkAccessControlView.ec.
CVSS Score
6.1
EPSS Score
0.019
Published
2017-12-15
Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /manageApplications.do?method=AddSubGroup haid parameter.
CVSS Score
9.8
EPSS Score
0.123
Published
2017-11-16
Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /showresource.do resourceid parameter in a showPlasmaView action.
CVSS Score
9.8
EPSS Score
0.123
Published
2017-11-16
Zoho ManageEngine Applications Manager 13 allows SQL injection via the /manageConfMons.do groupname parameter.
CVSS Score
9.8
EPSS Score
0.095
Published
2017-11-16
Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /MyPage.do?method=viewDashBoard forpage parameter.
CVSS Score
9.8
EPSS Score
0.123
Published
2017-11-16
Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /showresource.do resourceid parameter in a getResourceProfiles action.
CVSS Score
9.8
EPSS Score
0.123
Published
2017-11-16
Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /MyPage.do widgetid parameter.
CVSS Score
9.8
EPSS Score
0.123
Published
2017-11-16
Zoho ManageEngine Applications Manager 13 before build 13500 allows Post-authentication SQL injection via the name parameter in a manageApplications.do?method=insert request.
CVSS Score
8.8
EPSS Score
0.012
Published
2017-11-05
Zoho ManageEngine Applications Manager 13 before build 13500 allows SQL injection via GraphicalView.do, as demonstrated by a crafted viewProps yCanvas field or viewid parameter.
CVSS Score
9.8
EPSS Score
0.019
Published
2017-11-05


Contact Us

Shodan ® - All rights reserved