ZOHO ManageEngine AssetExplorer 信任管理问题漏洞

ZOHO ManageEngine AssetExplorer is a suite of asset management software from ZOHO, a US-based company. ZOHO ManageEngine AssetExplorer Agent 1.0.34 is vulnerable to a trust management issue that could be exploited by an attacker to remotely execute code on the agent machine as NT AUTHORITY SYSTEM...

Zoho ManageEngine AssetExplorer Code Execution Vulnerability

Zoho ManageEngine AssetExplorer is a suite of asset management software from Zoho USA. The software provides asset tracking, scanning of IT assets and tracking of asset ownership. A code execution vulnerability exists in Zoho ManageEngine AssetExplorer, which can be exploited by an attacker with ...

CVE-2019-12994

Server Side Request Forgery SSRF exists in Zoho ManageEngine AssetExplorer version 6.2.0 for the AJaxServlet servlet via a parameter in a URL...

Zoho ManageEngine AssetExplorer Cross-Site Scripting Vulnerability (CNVD-2019-24544)

ManageEngine AssetExplorer is asset management software from Zoho for managing IT assets. A cross-site scripting vulnerability exists in Zoho ManageEngine AssetExplorer 6.5. An attacker can exploit this vulnerability to conduct a cross-site scripting attack via the SoftwareListView.do swType or...

CVE-2019-12537

An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the SearchN.do search field...

Design/Logic Flaw

An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via ResourcesAttachments.jsp with the parameter pageName...

CVE-2019-12596

An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via SoftwareListView.do with the parameter swType or swComplianceType...

CVE-2019-12597

An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via ResourcesAttachments.jsp with the parameter pageName...

CVE-2018-17596

In Zoho ManageEngine AssetExplorer, a Stored XSS vulnerability was discovered in the 6.2.0 version via the /AssetDef.do ciName or assetName parameter...