72 matches found
CVE-2021-20136
ManageEngine Log360 Builds 5235 are affected by an improper access control vulnerability allowing database configuration overwrite. An unauthenticated remote attacker can send a specially crafted message to Log360 to change its backend database to an attacker-controlled database and to force Log3...
CVE-2021-20136
ManageEngine Log360 Builds 5235 are affected by an improper access control vulnerability allowing database configuration overwrite. An unauthenticated remote attacker can send a specially crafted message to Log360 to change its backend database to an attacker-controlled database and to force Log3...
Improper access control
ManageEngine Log360 Builds 5235 are affected by an improper access control vulnerability allowing database configuration overwrite. An unauthenticated remote attacker can send a specially crafted message to Log360 to change its backend database to an attacker-controlled database and to force Log3...
CVE-2021-20136
ManageEngine Log360 Builds 5235 are affected by an improper access control vulnerability allowing database configuration overwrite. An unauthenticated remote attacker can send a specially crafted message to Log360 to change its backend database to an attacker-controlled database and to force Log3...
CVE-2021-20136
CVE-2021-20136 affects ManageEngine Log360 builds before 5235. The flaw is an improper access control that lets an unauthenticated attacker send crafted messages to overwrite the backend database configuration and force Log360 to restart. This can enable remote code execution by replacing startup...
ZOHO ManageEngine Log360 访问控制错误漏洞
ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity, and comply with regulatory requirements.ZOHO ManageEngi...
ManageEngine Log360 Detection
Binary data manageenginelog360detect.nbin...
ManageEngine Log360 < Build 5229 REST API Restriction Bypass RCE
Binary data manageenginelog360cve-2021-40539.nbin...
ZOHO ManageEngine Log360 Cross-Site Scripting Vulnerability (CNVD-2021-67511)
ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity, and comply with regulatory requirements.A cross-site...
ZOHO ManageEngine Log360 code issue vulnerability
ZzOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity, and comply with regulatory requirements.A code issue...
ZOHO ManageEngine Log360 Cross-Site Scripting Vulnerability
ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. A cross-site scripting vulnerability exists in ZOHO ManageEngine Log360, which stems from the product's failure to validate user data. An attacker could execute client-side...
ZOHO ManageEngine Log360 Input Validation Error Vulnerability
ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity, and comply with regulatory requirements.An input...
ZOHO ManageEngine Log360 Code Injection Vulnerability
ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity and comply with regulatory requirements.A code injection...
CVE-2021-40177
Zoho ManageEngine Log360 before Build 5225 allows remote code execution via BCP file overwrite...
CVE-2021-40178
Zoho ManageEngine Log360 before Build 5224 allows stored XSS via the LOGOPATH key value in the logon settings...
CVE-2021-40177
Zoho ManageEngine Log360 before Build 5225 allows remote code execution via BCP file overwrite...
CVE-2021-40176
Zoho ManageEngine Log360 before Build 5225 allows stored XSS...
CVE-2021-40174
Zoho ManageEngine Log360 before Build 5224 allows a CSRF attack for disabling the logon security settings...
CVE-2021-40174
Zoho ManageEngine Log360 before Build 5224 allows a CSRF attack for disabling the logon security settings...
CVE-2021-40176
Zoho ManageEngine Log360 before Build 5225 allows stored XSS...