Shodan
Vulnerabilities
Vulnerable Software
Zohocorp:  Security Vulnerabilities
CVE-2024-5471
Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to agent takeover vulnerability due to the hard-coded sensitive keys.
CVSS Score
8.8
EPSS Score
0.045
Published
2024-07-17
CVE-2024-27311
Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to directory traversal vulnerability which allows the user to upload new files to the server folder.
CVSS Score
5.5
EPSS Score
0.003
Published
2024-07-17
CVE-2024-27313
Zoho ManageEngine PAM360 is vulnerable to Stored XSS vulnerability. This vulnerability is applicable only in the version 6610.
CVSS Score
6.3
EPSS Score
0.003
Published
2024-05-29
CVE-2024-36036
Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to access sensitive information and modifying the agent configuration.
CVSS Score
4.2
EPSS Score
0.001
Published
2024-05-27
CVE-2024-36037
Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session recordings.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-05-27
CVE-2024-27310
Zoho ManageEngine ADSelfService Plus versions below 6401 are vulnerable to the DOS attack due to the malicious LDAP input.
CVSS Score
5.3
EPSS Score
0.014
Published
2024-05-27
CVE-2024-27314
Zoho ManageEngine ServiceDesk Plus versions below 14730, ServiceDesk Plus MSP below 14720 and SupportCenter Plus below 14720 are vulnerable to stored XSS in the Custom Actions menu on the request details. This vulnerability can be exploited only by the SDAdmin role users.
CVSS Score
2.4
EPSS Score
0.014
Published
2024-05-27
CVE-2024-21791
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection in lockout history option. Note: Non-admin users cannot exploit this vulnerability.
CVSS Score
4.7
EPSS Score
0.013
Published
2024-05-22
CVE-2023-49335
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while getting file server details.
CVSS Score
8.3
EPSS Score
0.001
Published
2024-05-20
CVE-2023-49331
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the aggregate reports search option.
CVSS Score
8.3
EPSS Score
0.002
Published
2024-05-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved