209 matches found
CVE-2021-31857
In Zoho ManageEngine Password Manager Pro before 11.1 build 11104, attackers are able to retrieve credentials via a browser extension for non-website resource types...
CVE-2022-35404
ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine...
EUVD-2015-5415
Malware in sbrugna...
EUVD-2014-8335
Malware in sbrugna...
EUVD-2016-2263
Malware in sbrugna...
EUVD-2021-18732
Malware in sbrugna...
EUVD-2014-3928
Malware in sbrugna...
EUVD-2020-19959
Malware in sbrugna...
EUVD-2016-2265
Malware in sbrugna...
EUVD-2017-8855
Malware in sbrugna...
EUVD-2009-4355
Malware in sbrugna...
EUVD-2020-30167
Malware in sbrugna...
EUVD-2014-9194
Malware in sbrugna...
EUVD-2023-33797
Malicious code in bioql PyPI...
EUVD-2022-38294
Malicious code in bioql PyPI...
CVE-2023-2291
Static credentials exist in the PostgreSQL data used in ManageEngine Access Manager Plus AMP build 4309, ManageEngine Password Manager Pro, and ManageEngine PAM360. These credentials could allow a malicious actor to modify configuration data that would escalate their permissions from that of a...
CVE-2022-43672
Zoho ManageEngine Password Manager Pro before 12122, PAM360 before 5711, and Access Manager Plus before 4306 allow SQL Injection in a different software component relative to CVE-2022-43671...
CVE-2022-40300
Zoho ManageEngine Password Manager Pro through 12120 before 12121, PAM360 through 5550 before 5600, and Access Manager Plus through 4304 before 4305 have multiple SQL injection vulnerabilities...
CVE-2020-9346
Zoho ManageEngine Password Manager Pro 10.4 and prior has no protection against Cross-site Request Forgery CSRF attacks, as demonstrated by changing a user's role...
CVE-2017-17698
Zoho ManageEngine Password Manager Pro 9 before 9.4 9400 has reflected XSS in SearchResult.ec and BulkAccessControlView.ec...