5114 matches found
ZOHO ManageEngine Endpoint Central XML Injection Vulnerability
ZOHO ManageEngine Endpoint Central is a desktop management system from ZOHO. An XML injection vulnerability exists in ZOHO ManageEngine Endpoint Central, and no details of the vulnerability are available at this time...
EUVD-2025-35165
Zohocorp ManageEngine Applications Manager versions 176800 and below are vulnerable to information disclosure in File/Directory monitor...
EUVD-2025-35166
Zohocorp ManageEngine ADManager Plus version before 8024 are vulnerable to authenticated command injection vulnerability in the Custom Script component...
CVE-2025-6239
Zohocorp ManageEngine Applications Manager versions 176800 and below are vulnerable to information disclosure in File/Directory monitor...
CVE-2025-6239
Zohocorp ManageEngine Applications Manager versions 176800 and below are vulnerable to information disclosure in File/Directory monitor...
CVE-2025-10020
Zohocorp ManageEngine ADManager Plus version before 8024 are vulnerable to authenticated command injection vulnerability in the Custom Script component...
CVE-2025-6239 Information disclosure
Zohocorp ManageEngine Applications Manager versions 176800 and below are vulnerable to information disclosure in File/Directory monitor...
CVE-2025-6239 Information disclosure
Zohocorp ManageEngine Applications Manager versions 176800 and below are vulnerable to information disclosure in File/Directory monitor...
CVE-2025-6239
The CVE-2025-6239 issue affects Zohocorp ManageEngine Applications Manager (versions 176800 and below). The root cause is information disclosure due to improper file/directory monitoring in the File/Directory monitor component. Attackers could access sensitive information exposed by this monitori...
CVE-2025-9428
Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL Injection via the key update api...
CVE-2025-9428
Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL Injection via the key update api...
CVE-2025-10020 Command Injection
Zohocorp ManageEngine ADManager Plus version before 8024 are vulnerable to authenticated command injection vulnerability in the Custom Script component...
CVE-2025-10020 Command Injection
Zohocorp ManageEngine ADManager Plus version before 8024 are vulnerable to authenticated command injection vulnerability in the Custom Script component...
CVE-2025-10020
CVE-2025-10020 affects Zohocorp ManageEngine ADManager Plus prior to version 8024, with an authenticated command-injection in the Custom Script component caused by inadequate filtering of constructed command characters. Impact described across sources includes arbitrary command execution and pote...
CVE-2025-9428 SQL Injection
Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL Injection via the key update api...
EUVD-2025-35160
Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL Injection via the key update api...
CVE-2025-9428 SQL Injection
Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL Injection via the key update api...
CVE-2025-9428
CVE-2025-9428 affects Zohocorp ManageEngine Analytics Plus prior to or at version 6171, with an authenticated SQL Injection via the key update API. Impact described across sources as potential unauthorized data exposure and database manipulation (HIGH risk per CVSS references). Public advisories ...
CVE-2025-7473
Zohocorp ManageEngine EndPoint Central versions 11.4.2516.1 and prior are vulnerable to XML Injection...
CVE-2025-7473
Zohocorp ManageEngine EndPoint Central versions 11.4.2516.1 and prior are vulnerable to XML Injection...