5119 matches found
CVE-2025-5966
Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Attachments by filename keyword report...
CVE-2025-5366
Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Folder-wise read mails with subject report...
CVE-2025-5966
Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Attachments by filename keyword report...
CVE-2025-5966
Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Attachments by filename keyword report...
CVE-2025-5366
Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Folder-wise read mails with subject report...
CVE-2025-5366
Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Folder-wise read mails with subject report...
CVE-2025-5966 Stored XSS
Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Attachments by filename keyword report...
CVE-2025-5966 Stored XSS
Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Attachments by filename keyword report...
CVE-2025-5366 Stored XSS
Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Folder-wise read mails with subject report...
CVE-2025-5366 Stored XSS
Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Folder-wise read mails with subject report...
CVE-2025-5366
CVE-2025-5366 affects Zohocorp ManageEngine Exchange Reporter Plus 5722 and earlier. The flaw is a Stored XSS in the Folder-wise read mails feature (subject is report). The CVSSv3.1 base score is 8.1 (HIGH); attack vector NETWORK, attack complexity LOW, privileges None, user interaction REQUIRED,...
ManageEngine Exchange Reporter Plus Installed (Windows)
Binary data manageengineexchangereporterpluswininstalled.nbin...
ZOHO ManageEngine Exchange Reporter Plus 安全漏洞
ZOHO ManageEngine Exchange Reporter Plus is a Web-based Exchange Server reporting software from ZOHO, Inc. A security vulnerability exists in ZOHO ManageEngine Exchange Reporter Plus 5722 and prior versions that stems from a stored cross-site scripting attack...
PT-2025-26956 · Manageengine · Zoho Manageengine Exchange Reporter Plus
Name of the Vulnerable Software and Affected Versions: ManageEngine Exchange Reporter Plus versions 5722 and earlier Description: The issue concerns a Stored XSS in the report for emails read by folder with subject. This affects the specified versions of ManageEngine Exchange Reporter Plus,...
PT-2025-26957 · Manageengine · Zoho Manageengine Exchange Reporter Plus
Name of the Vulnerable Software and Affected Versions: ManageEngine Exchange Reporter Plus versions 5722 and below Description: The issue concerns a Stored XSS in the Attachments by filename keyword report. This affects the management of attachments based on filename keywords, potentially allowin...
ManageEngine OpManager Reflected XSS (CVE-2025-41437)
The version of ManageEngine OpManager running on the remote web server is earlier than 128463, between 128509 and 128541 inclusive, between 128551 and 128554 inclusive, or exactly 128565. It is, therefore, affected by a reflected XSS vulnerability on the login page. Note that Nessus has not teste...
The vulnerability of the Service Account Auditing service of the Windows Active Directory management and reporting software Zoho ManageEngine ADAudit Plus allows a perpetrator to execute arbitrary code.
The vulnerability of the Service Account Auditing service in the Windows Active Directory management and reporting software Zoho ManageEngine ADAudit Plus is related to the lack of security measures for the SQL query structure. Exploitation of this vulnerability could allow a malicious actor to...
The vulnerability of the Content Search module of the monitoring, analysis, and reporting software Zohocorp ManageEngine Exchange Reporter Plus allows a hacker to execute arbitrary code.
The vulnerability of the Content Search module in the monitoring, analysis, and reporting software Zohocorp ManageEngine Exchange Reporter Plus relates to the unlimited download of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2025-41444
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the alerts module...
CVE-2025-36528
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in Service Account Auditing reports...