173 matches found
ZOHO ManageEngine Applications Manager 安全漏洞
ZOHO ManageEngine Applications Manager is a suite of IT operations management solutions from ZOHO USA. The product features application performance management, fault management, report generation and SLA management. A security vulnerability exists in ZOHO ManageEngine Applications Manager 176600...
CVE-2024-5678
Zohocorp ManageEngine Applications Manager versions 170900 and below are vulnerable to the authenticated admin-only SQL Injection in the Create Monitor feature...
CVE-2023-28341
Stored Cross site scripting XSS vulnerability in Zoho ManageEngine Applications Manager through 16340 allows an unauthenticated user to inject malicious javascript on the incorrect login details page...
CVE-2021-35512
An SSRF issue was discovered in Zoho ManageEngine Applications Manager build 15200...
CVE-2020-24743
An issue was found in /showReports.do Zoho ManageEngine Applications Manager up to 14550, allows attackers to gain escalated privileges via the resourceid parameter...
CVE-2019-19475
An issue was discovered in ManageEngine Applications Manager 14 with Build 14360. Integrated PostgreSQL which is built-in in Applications Manager is prone to attack due to lack of file permission security. The malicious users who are in “Authenticated Users” group can exploit privilege escalation...
CVE-2017-11557
An issue was discovered in ZOHO ManageEngine Applications Manager 12.3. It is possible for an unauthenticated user to view the list of domain names and usernames used in a company's network environment via a userconfiguration.do?method=editUser request...
CVE-2024-41140
Zohocorp ManageEngine Applications Manager versions 174000 and prior are vulnerable to the incorrect authorization in the update user function...
PT-2025-2604 · Zohocorp · Zoho Manageengine Applications Manager
Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine Applications Manager versions 174000 and prior Description: The issue is related to incorrect authorization in the update user function. This allows for potential unauthorized access or modifications. The estimated numbe...
ManageEngine Applications Manager SEoL (15.0.x)
According to its version, ManageEngine Applications Manager is 15.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities...
ManageEngine Applications Manager SEoL (14.0.x)
According to its version, ManageEngine Applications Manager is 14.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities...
ManageEngine Applications Manager SEoL (10.0.x)
According to its version, ManageEngine Applications Manager is 10.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities...
ManageEngine Applications Manager SEoL (8.0.x)
According to its version, ManageEngine Applications Manager is 8.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities...
ManageEngine Applications Manager SEoL (9.0.x)
According to its version, ManageEngine Applications Manager is 9.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities...
ManageEngine Applications Manager SEoL (13.0.x)
According to its version, ManageEngine Applications Manager is 13.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities...
ManageEngine Applications Manager SEoL (12.0.x)
According to its version, ManageEngine Applications Manager is 12.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities...
ManageEngine Applications Manager SEoL (0.x <= x <= 6.x)
According to its version, ManageEngine Applications Manager is between 0.x and 6.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...
ManageEngine Applications Manager SEoL (11.0.x)
According to its version, ManageEngine Applications Manager is 11.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities...
ManageEngine Applications Manager SingleSignOn Cross-Site Scripting Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of ManageEngine Applications Manager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
ZOHO ManageEngine Applications Manager 跨站脚本漏洞
ZOHO ManageEngine Applications Manager is a set of IT operation and maintenance management solutions of the United States ZhuoHao ZOHO company. The product has application performance management, fault management, report generation and SLA management and other functions. A cross-site scripting...