Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5114 matches found

CVE
CVEadded 2026/04/03 11:47 a.m.5 views

CVE-2026-4108

CVE-2026-4108 affects Zohocorp ManageEngine Exchange Reporter Plus pre-5802. The issue is a stored XSS vulnerability within the Non-Owner Mailbox Permission report, allowing an attacker to inject script when a report is generated or viewed that processes user-supplied input. Based on the availabl...

7.3CVSS5.9AI score0.00538EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/03 11:47 a.m.4 views

CVE-2026-4108 Stored XSS Vulnerability

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Non-Owner Mailbox Permission report...

7.3CVSS5.9AI score0.00538EPSS
Exploits0References1
CVE
CVEadded 2026/04/03 11:44 a.m.9 views

CVE-2026-4107

CVE-2026-4107 affects Zohocorp ManageEngine Exchange Reporter Plus, with stored XSS in the Folder Message Count and Size report for versions before 5802. The CVSS v3.1 base score is 7.3 (HIGH) with Network attack vector, Low attack complexity, Privileges Required: Low, User Interaction: Required,...

7.3CVSS5.9AI score0.00519EPSS
Exploits0References1Affected Software1
CVE
CVEadded 2026/04/03 11:33 a.m.9 views

CVE-2026-3879

Summary: CVE-2026-3879 affects Zohocorp ManageEngine Exchange Reporter Plus (pre-5802). The vulnerability is a Stored XSS in the Equipment Mailbox Details report. The NVD/NVD-derived entries confirm affected software and release version boundary (before 5802). The CVSSv3.1 vector is AV:N/AC:L/PR:...

7.3CVSS5.9AI score0.00527EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2026/04/03 11:33 a.m.15 views

CVE-2026-3879 Stored XSS Vulnerability

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Equipment Mailbox Details report...

7.3CVSS0.00527EPSS
Exploits0References1
CVE
CVEadded 2026/04/03 11:29 a.m.10 views

CVE-2026-28703

CVE-2026-28703 affects Zohocorp ManageEngine Exchange Reporter Plus prior to version 5802. The vulnerability is a Stored XSS in the Mails Exchanged Between Users report. The provided metrics indicate a CVSS‑3.1 base score of 7.3 (HIGH), with network attack vector, low attack complexity, privilege...

7.3CVSS5.9AI score0.00538EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/04/03 11:29 a.m.3 views

CVE-2026-28703

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Mails Exchanged Between Users report...

7.3CVSS5.9AI score0.00538EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/04/03 11:29 a.m.3 views

CVE-2026-28703 Stored XSS Vulnerability

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Mails Exchanged Between Users report...

7.3CVSS5.9AI score0.00538EPSS
Exploits0References1
NVD
NVDadded 2026/04/03 11:17 a.m.8 views

CVE-2026-28756

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions based on Distribution Groups report...

7.3CVSS0.00538EPSS
Exploits0References1
NVD
NVDadded 2026/04/03 11:17 a.m.4 views

CVE-2026-28754

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Distribution Lists report...

7.3CVSS0.00538EPSS
Exploits0References1
CVE
CVEadded 2026/04/03 11:11 a.m.6 views

CVE-2026-28756

CVE-2026-28756 affects ManageEngine Exchange Reporter Plus from Zoho (ManageEngine) versions prior to 5802. The issue is a Stored XSS vulnerability in the Permissions based on Distribution Groups report, allowing an attacker to inject script via the affected report. The CVSS 3.1 base metrics indi...

7.3CVSS5.9AI score0.00538EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/03 11:11 a.m.3 views

CVE-2026-28756 Stored XSS Vulnerability

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions based on Distribution Groups report...

7.3CVSS5.9AI score0.00538EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/04/03 10:8 a.m.15 views

CVE-2026-28754 Stored XSS Vulnerability

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Distribution Lists report...

7.3CVSS0.00538EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/04/03 12:0 a.m.4 views

PT-2026-30028

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Folder Message Count and Size report...

7.3CVSS5.9AI score0.00519EPSS
Exploits0References2
CNNVD
CNNVDadded 2026/04/03 12:0 a.m.4 views

ZOHO ManageEngine Exchange reporter Plus 安全漏洞

ZOHO ManageEngine Exchange Reporter Plus is a web-based Microsoft Exchange reporting, auditing, and monitoring software developed by ZOHO Corporation. Previous versions of ZOHO ManageEngine Exchange Reporter Plus, including version 5802, contained security vulnerabilities due to cross-site...

7.3CVSS5.6AI score0.00519EPSS
Exploits0References1
CNNVD
CNNVDadded 2026/04/03 12:0 a.m.4 views

ZOHO ManageEngine Exchange Reporter Plus 安全漏洞

ZOHO ManageEngine Exchange Reporter Plus is a web-based Exchange Server reporting tool developed by ZOHO Corporation. Previous versions of Zohocorp ManageEngine Exchange Reporter Plus, including version 5802, contained security vulnerabilities. These vulnerabilities stemmed from a storage...

7.3CVSS5.7AI score0.00527EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2026/04/03 12:0 a.m.5 views

PT-2026-30030

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Non-Owner Mailbox Permission report...

7.3CVSS5.9AI score0.00538EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/04/03 12:0 a.m.6 views

PT-2026-30027

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Public Folder Client Permissions report...

7.3CVSS5.9AI score0.00538EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEVadded 2026/04/01 12:0 a.m.9 views

VulnCheck KEV: CVE-2022-28987

Zoho ManageEngine ADSelfService Plus before 6202 allows attackers to perform username enumeration via a crafted POST request to /ServletAPI/accounts/login...

5.3CVSS5.8AI score0.09705EPSS
In wildExploits1References2
RedhatCVE
RedhatCVEadded 2026/03/27 2:26 p.m.7 views

CVE-2021-27214

A Server-side request forgery SSRF vulnerability in the ProductConfig servlet in Zoho ManageEngine ADSelfService Plus through 6013 allows a remote unauthenticated attacker to perform blind HTTP requests or perform a Cross-site scripting XSS attack against the administrative interface via an HTTP...

10CVSS6.4AI score0.03287EPSS
Exploits1References1
Rows per page
Query Builder