CVE-2019-16268

Zoho ManageEngine Remote Access Plus 10.0.259 allows HTML injection via the Description field on the Admin - User Administration userMgmt.do?actionToCall=ShowUser screen...

CVE-2019-12543

An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the PurchaseRequest.do serviceRequestId parameter...

CVE-2019-12596

An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via SoftwareListView.do with the parameter swType or swComplianceType...

CVE-2019-12994

Server Side Request Forgery SSRF exists in Zoho ManageEngine AssetExplorer version 6.2.0 for the AJaxServlet servlet via a parameter in a URL...

CVE-2019-12541

An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SolutionSearch.do searchText parameter...

CVE-2019-12189

An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SearchN.do search field...

CVE-2019-12537

An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the SearchN.do search field...

CVE-2019-12959

Server Side Request Forgery SSRF exists in Zoho ManageEngine AssetExplorer 6.2.0 and before for the ClientUtilServlet servlet via a URL in a parameter...

CVE-2019-12542

An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SearchN.do userConfigID parameter...

CVE-2019-12595

An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the RCSettings.do rdsName parameter...

CVE-2019-12597

An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via ResourcesAttachments.jsp with the parameter pageName...

CVE-2019-12876

Zoho ManageEngine ADManager Plus 6.6.5, ADSelfService Plus 5.7, and DesktopCentral 10.0.380 have Insecure Permissions, leading to Privilege Escalation from low level privileges to System...

CVE-2025-1723

Zohocorp ManageEngine ADSelfService Plus versions 6510 and below are vulnerable to account takeover due to the session mishandling. Valid account holders in the setup only have the potential to exploit this bug...

CVE-2025-9787

Zohocorp ManageEngine Applications Manager versions 177400 and below are vulnerable to Stored Cross-Site Scripting vulnerability in the NOC view...

CVE-2025-9787

Zohocorp ManageEngine Applications Manager versions 177400 and below are vulnerable to Stored Cross-Site Scripting vulnerability in the NOC view...

CVE-2025-9787

Zohocorp ManageEngine Applications Manager versions 177400 and below are vulnerable to Stored Cross-Site Scripting vulnerability in the NOC view...

CVE-2025-9787

CVE-2025-9787 affects Zohocorp ManageEngine Applications Manager (versions 177400 and earlier). It is a Stored Cross-Site Scripting vulnerability in the NOC view. IMPLICATIONS: CVSS 3.1 base score 6.1 (MEDIUM): NETWORK attack vector, HIGH confidentiality and integrity impact, requires user intera...

CVE-2025-9787 Stored XSS

Zohocorp ManageEngine Applications Manager versions 177400 and below are vulnerable to Stored Cross-Site Scripting vulnerability in the NOC view...

PT-2025-52230

Zohocorp ManageEngine Applications Manager versions 177400 and below are vulnerable to Stored Cross-Site Scripting vulnerability in the NOC view...

ManageEngine 安全漏洞

ManageEngine is a family of IT management solutions from ManageEngine, Inc. A security vulnerability exists in ManageEngine 177400 and earlier versions that stems from a stored cross-site scripting vulnerability in the NOC view...