100 matches found
CVE-2018-18949
Zoho ManageEngine OpManager 12.3 before 123222 has SQL Injection via Mail Server settings...
CVE-2022-37024
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution...
ZOHO ManageEngine OpManager Cross-Site Scripting Vulnerability (CNVD-2025-29925)
ZOHO ManageEngine OpManager is a comprehensive network monitoring software from ZOHO. It is used to manage routers, firewalls, servers, switches and printers. A cross-site scripting vulnerability exists in ZOHO ManageEngine OpManager, no detailed vulnerability details are available at this time...
EUVD-2019-6175
Malware in sbrugna...
EUVD-2018-9997
Malware in sbrugna...
EUVD-2018-10432
Malware in sbrugna...
EUVD-2017-3176
Malware in sbrugna...
EUVD-2018-10431
Malware in sbrugna...
EUVD-2021-31347
Malicious code in bioql PyPI...
CVE-2022-27908
Zoho ManageEngine OpManager before 125588 and before 125603 is vulnerable to authenticated SQL Injection in the Inventory Reports module...
CVE-2021-3287
Zoho ManageEngine OpManager before 12.5.329 allows unauthenticated Remote Code Execution due to a general bypass in the deserialization class...
CVE-2020-12116
Zoho ManageEngine OpManager Stable build before 124196 and Released build before 125125 allows an unauthenticated attacker to read arbitrary files on the server by sending a crafted request...
CVE-2019-17602
An issue was discovered in Zoho ManageEngine OpManager before 12.4 build 124089. The OPMDeviceDetailsServlet servlet is prone to SQL injection. Depending on the configuration, this vulnerability could be exploited unauthenticated or authenticated...
CVE-2019-15104
An issue was discovered in Zoho ManageEngine OpManager through 12.4x. There is a SQL Injection vulnerability in jsp/NewThresholdConfiguration.jsp via the resourceid parameter. Therefore, a low-authority user can gain the authority of SYSTEM on the server. One can consequently upload a malicious...
CVE-2018-17243
Global Search in Zoho ManageEngine OpManager before 12.3 123205 allows SQL Injection...
CVE-2015-7766
PGSQL:SubmitQuery.do in ZOHO ManageEngine OpManager 11.6, 11.5, and earlier allows remote administrators to bypass SQL query restrictions via a comment in the query to api/json/admin/SubmitQuery, as demonstrated by "INSERT//INTO."...
CVE-2017-11559
An issue was discovered in ZOHO ManageEngine OpManager 12.2. The 'apiKey' parameter of "/api/json/admin/getmailserversettings" and "/api/json/dashboard/gotoverviewlist" is vulnerable to a Blind SQL Injection attack...
CVE-2015-7765
ZOHO ManageEngine OpManager 11.5 build 11600 and earlier uses a hardcoded password of "plugin" for the IntegrationUser account, which allows remote authenticated users to obtain administrator access by leveraging knowledge of this password...
ZOHO ManageEngine OpManager RMM 安全漏洞
ZOHO ManageEngine OpManager RMM is a remote monitoring and management software from ZOHO, Inc. A security vulnerability exists in ZOHO ManageEngine OpManager RMM version 128329 and prior versions, which stems from a remote code execution contained in the deployment agent option...
ZOHO ManageEngine OpManager 安全漏洞
ZOHO ManageEngine OpManager is a comprehensive network monitoring software from ZOHO. It is used to manage routers, firewalls, servers, switches and printers. A security vulnerability exists in ZOHO ManageEngine OpManager version 126323 that could allow an authenticated user to perform remote cod...