629 matches found
CVE-2023-28340
Zoho ManageEngine Applications Manager through 16320 allows the admin user to conduct an XXE attack...
CVE-2021-35580
Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite component: View Reports. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2021-35582
Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite component: View Reports. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
CVE-2021-35569
Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite component: Diagnostics. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle...
CVE-2021-35512
An SSRF issue was discovered in Zoho ManageEngine Applications Manager build 15200...
CVE-2021-35581
Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite component: View Reports. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2020-14826
Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite component: SQL Extensions. Supported versions that are affected are 12.1.3 and 12.2.3 - 12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2020-24743
An issue was found in /showReports.do Zoho ManageEngine Applications Manager up to 14550, allows attackers to gain escalated privileges via the resourceid parameter...
CVE-2020-14761
Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite component: Oracle Diagnostics Interfaces. Supported versions that are affected are 12.1.3 and 12.2.3 - 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...
CVE-2020-14811
Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite component: AMP EBS Integration. Supported versions that are affected are 12.1.3 and 12.2.3 - 12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
CVE-2019-19475
An issue was discovered in ManageEngine Applications Manager 14 with Build 14360. Integrated PostgreSQL which is built-in in Applications Manager is prone to attack due to lack of file permission security. The malicious users who are in “Authenticated Users” group can exploit privilege escalation...
CVE-2017-11557
An issue was discovered in ZOHO ManageEngine Applications Manager 12.3. It is possible for an unauthenticated user to view the list of domain names and usernames used in a company's network environment via a userconfiguration.do?method=editUser request...
CVE-2021-35566
Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite component: Diagnostics. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...
CVE-2024-41140
Zohocorp ManageEngine Applications Manager versions 174000 and prior are vulnerable to the incorrect authorization in the update user function...
CVE-2024-41140
Zohocorp ManageEngine Applications Manager versions 174000 and prior are vulnerable to the incorrect authorization in the update user function...
CVE-2024-41140
CVE-2024-41140 affects Zohocorp ManageEngine Applications Manager versions 174000 and prior, with an incorrect authorization in the update user function. Public documentation from NVD and Red Hat confirms impact to confidentiality and integrity (high), with network attack vector, low attack compl...
PT-2025-2604 · Zohocorp · Zoho Manageengine Applications Manager
Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine Applications Manager versions 174000 and prior Description: The issue is related to incorrect authorization in the update user function. This allows for potential unauthorized access or modifications. The estimated numbe...
ZOHO ManageEngine Applications Manager 安全漏洞
ZOHO ManageEngine Applications Manager is a suite of IT operations management solutions from ZOHO USA. The product features application performance management, fault management, report generation and SLA management. A security vulnerability exists in ZOHO ManageEngine Applications Manager version...
The vulnerability of the Diagnostics component of the Oracle Applications Manager software, a business automation system for enterprises under the Oracle E-Business Suite, allows an attacker to modify, add, or delete data.
The vulnerability of the Diagnostics component of the Oracle Applications Manager application management tool within the Oracle E-Business Suite relates to deficiencies in the authentication process due to incorrect validation of input data. Exploiting this vulnerability could allow an attacker t...
CVE-2024-21268
Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite component: Diagnostics. Supported versions that are affected are 12.2.11-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Applications...