Lucene search
+L

2138 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:9 a.m.7 views

CVE-2019-11677

The Custom Report import function in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123224 is vulnerable to XML External Entity XXE Injection...

9.8CVSS6.9AI score0.09358EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:29 a.m.19 views

CVE-2023-29505

An issue was discovered in Zoho ManageEngine Network Configuration Manager 12.6.165. The WebSocket endpoint allows Cross-site WebSocket hijacking...

8.8CVSS6.9AI score0.00894EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:9 a.m.9 views

CVE-2019-20474

An issue was discovered in Zoho ManageEngine Remote Access Plus 10.0.447. The service to test the mail-server configuration suffers from an authorization issue allowing a user with the Guest role read-only access to use and abuse it. One of the abuses allows performing network and port scan...

4.3CVSS7AI score0.01441EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:59 a.m.18 views

CVE-2023-49331

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the aggregate reports search option...

8.8CVSS8AI score0.03005EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:59 a.m.17 views

CVE-2023-49333

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the dashboard graph feature...

8.8CVSS8AI score0.03005EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:59 a.m.21 views

CVE-2023-49330

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report data...

8.8CVSS8.2AI score0.02288EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:58 a.m.7 views

CVE-2023-49332

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file shares...

8.8CVSS8AI score0.03005EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:32 a.m.11 views

CVE-2019-16268

Zoho ManageEngine Remote Access Plus 10.0.259 allows HTML injection via the Description field on the Admin - User Administration userMgmt.do?actionToCall=ShowUser screen...

4.8CVSS7.2AI score0.0181EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:29 a.m.9 views

CVE-2019-12543

An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the PurchaseRequest.do serviceRequestId parameter...

6.1CVSS5.7AI score0.06056EPSS
Exploits5References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:29 a.m.11 views

CVE-2019-12596

An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via SoftwareListView.do with the parameter swType or swComplianceType...

6.1CVSS5.9AI score0.0218EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:28 a.m.8 views

CVE-2019-12994

Server Side Request Forgery SSRF exists in Zoho ManageEngine AssetExplorer version 6.2.0 for the AJaxServlet servlet via a parameter in a URL...

9.1CVSS7AI score0.0439EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:28 a.m.9 views

CVE-2019-12541

An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SolutionSearch.do searchText parameter...

6.1CVSS5.7AI score0.06029EPSS
Exploits5References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:28 a.m.22 views

CVE-2019-12189

An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SearchN.do search field...

6.1CVSS5.5AI score0.05917EPSS
Exploits5References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:27 a.m.10 views

CVE-2019-12537

An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the SearchN.do search field...

6.1CVSS5.9AI score0.0217EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:27 a.m.9 views

CVE-2019-12959

Server Side Request Forgery SSRF exists in Zoho ManageEngine AssetExplorer 6.2.0 and before for the ClientUtilServlet servlet via a URL in a parameter...

8.8CVSS7AI score0.03108EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:27 a.m.6 views

CVE-2019-12542

An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SearchN.do userConfigID parameter...

6.1CVSS5.7AI score0.06029EPSS
Exploits5References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:27 a.m.8 views

CVE-2019-12595

An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the RCSettings.do rdsName parameter...

6.1CVSS5.9AI score0.0217EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:26 a.m.9 views

CVE-2019-12597

An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via ResourcesAttachments.jsp with the parameter pageName...

6.1CVSS5.9AI score0.0217EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:26 a.m.9 views

CVE-2019-12876

Zoho ManageEngine ADManager Plus 6.6.5, ADSelfService Plus 5.7, and DesktopCentral 10.0.380 have Insecure Permissions, leading to Privilege Escalation from low level privileges to System...

8.5CVSS7AI score0.04607EPSS
Exploits1References1
CNVD
CNVD
added 2025/11/14 12:0 a.m.3 views

ZOHO ManageEngine Exchange reporter Plus cross-site scripting vulnerability (CNVD-2025-29920)

ZOHO ManageEngine Exchange reporter Plus is a Web-based Microsoft Exchange reporting, auditing and monitoring software from ZOHO. A cross-site scripting vulnerability exists in Zoho ManageEngine Exchange Reporter Plus, which can be exploited by an attacker to create privileged accounts and gain...

7.3CVSS6.2AI score0.00478EPSS
Exploits0References1
Rows per page
Query Builder