Lucene search
K

23 matches found

NVD
NVD
added 2026/04/03 12:16 p.m.3 views

CVE-2026-28703

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Mails Exchanged Between Users report...

7.3CVSS0.00538EPSS
Exploits0References1
CVE
CVE
added 2026/04/03 11:47 a.m.9 views

CVE-2026-4108

CVE-2026-4108 affects Zohocorp ManageEngine Exchange Reporter Plus pre-5802. The issue is a stored XSS vulnerability within the Non-Owner Mailbox Permission report, allowing an attacker to inject script when a report is generated or viewed that processes user-supplied input. Based on the availabl...

7.3CVSS5.9AI score0.00538EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.10 views

PT-2026-30027

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Public Folder Client Permissions report...

7.3CVSS5.9AI score0.00538EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/11 10:32 a.m.3 views

CVE-2025-7633 Stored XSS

Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Custom report...

7.3CVSS5.7AI score0.00431EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-17446

Malicious code in bioql PyPI...

9.6CVSS6.7AI score0.01925EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/07/04 12:0 a.m.6 views

ManageEngine Exchange Reporter Plus RCE

The version of ManageEngine Exchange Reporter Plus on the Host is prior to 5722. It is, therefore, affected by an RCE Vulnerability where Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and prior are vulnerable to Remote code execution in the Content Search module. Note that Nessus has...

9.6CVSS6.5AI score0.01925EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/07/04 12:0 a.m.7 views

ManageEngine Exchange Reporter Plus Multiple Vulnerabilities

The version of ManageEngine Exchange Reporter Plus on the host is prior to 5723. It is, therefore, affected by multiple XSS vulnerabilities - Zohocorp ManageEngine Exchange Reporter Plus version 5722 and below are vulnerable to Stored XSS in the Attachments by filename keyword report. CVE-2025-59...

8.1CVSS5.8AI score0.01103EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/06/11 11:11 a.m.5 views

CVE-2025-3835

Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and prior are vulnerable to Remote code execution in the Content Search module...

9.6CVSS9.6AI score0.01925EPSS
Exploits0References1
NVD
NVD
added 2025/06/09 11:15 a.m.17 views

CVE-2025-3835

Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and prior are vulnerable to Remote code execution in the Content Search module...

9.6CVSS0.01925EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/09 10:29 a.m.4 views

CVE-2025-3835 Remote Code Execution

Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and prior are vulnerable to Remote code execution in the Content Search module...

9.6CVSS9.8AI score0.01925EPSS
Exploits0References1
NVD
NVD
added 2024/11/05 6:15 a.m.18 views

CVE-2024-9459

Zohocorp ManageEngine Exchange Reporter Plus versions 5718 and prior are vulnerable to authenticated SQL Injection in reports module...

8.8CVSS0.0207EPSS
Exploits0References1
CVE
CVE
added 2024/08/30 5:10 p.m.56 views

CVE-2024-6204

Product affected: Zohocorp ManageEngine Exchange Reporter Plus. Vulnerability: SQL Injection in the reports module. Affected versions: before 5715. Root cause / details: SQL injection vulnerability in the reports module (no further technical specifics provided in the cited documents). Impact (as ...

8.3CVSS8.3AI score0.01958EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/08/30 5:10 p.m.26 views

CVE-2024-6204 SQL injection

Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection in the reports module...

8.3CVSS0.01958EPSS
Exploits0References1
NVD
NVD
added 2024/07/26 6:15 p.m.37 views

CVE-2024-38872

Zohocorp ManageEngine Exchange Reporter Plus versions 5717 and below are vulnerable to the authenticated SQL injection in the monitoring module...

8.8CVSS0.03052EPSS
Exploits0References1
OSV
OSV
added 2024/07/26 6:15 p.m.4 views

CVE-2024-38872

Zohocorp ManageEngine Exchange Reporter Plus versions 5717 and below are vulnerable to the authenticated SQL injection in the monitoring module...

8.8CVSS5.8AI score0.03052EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/26 5:30 p.m.40 views

CVE-2024-38872 SQL Injection

Zohocorp ManageEngine Exchange Reporter Plus versions 5717 and below are vulnerable to the authenticated SQL injection in the monitoring module...

8.3CVSS0.03052EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/15 12:0 a.m.5 views

PT-2024-5296

Name of the Vulnerable Software and Affected Versions Zohocorp ManageEngine Exchange Reporter Plus versions 5717 and below Description The issue is related to the monitoring module of Zohocorp ManageEngine Exchange Reporter Plus, where the software fails to properly protect the SQL query structur...

8.8CVSS7.7AI score0.03052EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/02/16 2:35 p.m.12 views

CVE-2024-21775 SQL Injection

Zoho ManageEngine Exchange Reporter Plus versions 5714 and below are vulnerable to the Authenticated SQL injection in report exporting feature...

8.3CVSS7.9AI score0.05013EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/16 2:35 p.m.26 views

CVE-2024-21775 SQL Injection

Zoho ManageEngine Exchange Reporter Plus versions 5714 and below are vulnerable to the Authenticated SQL injection in report exporting feature...

8.3CVSS8.9AI score0.05013EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/17 12:0 a.m.7 views

PT-2023-18594 · Zoho · Zoho Manageengine Exchange Reporter Plus

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine Exchange Reporter Plus versions prior to 5708 Description: The issue allows attackers to conduct XXE XML External Entity attacks. This type of attack occurs when an application parses XML input that contains malicious extern...

7.5CVSS7.5AI score0.03184EPSS
Exploits0References4
Rows per page
Query Builder