CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

51 matches found

OSV•added 2022/08/15 8:15 p.m.•2 views

CVE-2020-21642

Directory Traversal vulnerability ZDBQAREFSUBDIR parameter in /zropusermgmt API in Zoho ManageEngine Analytics Plus before 4350 allows remote attackers to run arbitrary code...

9.8CVSS5.9AI score

Exploits0References1

OSV•added 2022/08/15 8:15 p.m.•4 views

CVE-2020-21641

Out-of-Band XML External Entity OOB-XXE vulnerability in Zoho ManageEngine Analytics Plus before 4.3.5 allows remote attackers to read arbitrary files, enumerate folders and scan internal ports via crafted XML license file...

7.5CVSS5.9AI score0.04305EPSS

Exploits0References1

NVD•added 2022/08/15 8:15 p.m.•15 views

CVE-2020-21642

Directory Traversal vulnerability ZDBQAREFSUBDIR parameter in /zropusermgmt API in Zoho ManageEngine Analytics Plus before 4350 allows remote attackers to run arbitrary code...

9.8CVSS0.07731EPSS

Exploits0References1

Prion•added 2022/08/15 8:15 p.m.•34 views

Xxe

5CVSS7.5AI score0.04305EPSS

Exploits0References1Affected Software1

Prion•added 2022/08/15 8:15 p.m.•14 views

Directory traversal

Directory Traversal vulnerability ZDBQAREFSUBDIR parameter in /zropusermgmt API in Zoho ManageEngine Analytics Plus before 4350 allows remote attackers to run arbitrary code...

7.5CVSS9.4AI score0.07731EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/08/15 7:10 p.m.•22 views

CVE-2020-21641

7.5AI score0.04305EPSS

Exploits0References1

Cvelist•added 2022/08/15 7:10 p.m.•18 views

CVE-2020-21642

Directory Traversal vulnerability ZDBQAREFSUBDIR parameter in /zropusermgmt API in Zoho ManageEngine Analytics Plus before 4350 allows remote attackers to run arbitrary code...

9.5AI score0.07731EPSS

Exploits0References1

CVE•added 2022/08/15 7:10 p.m.•58 views

CVE-2020-21642

Zoho ManageEngine Analytics Plus versions before 4350 are affected by a directory traversal vulnerability in the /zropusermgmt API via the ZDBQAREFSUBDIR parameter, which could allow remote code execution. Remediation: upgrade to version 4350 or later; as a temporary workaround, restrict access t...

9.8CVSS9.3AI score0.07731EPSS

Exploits0References1Affected Software1

CVE•added 2022/08/15 7:10 p.m.•69 views

CVE-2020-21641

Summary: CVE-2020-21641 affects Zoho ManageEngine Analytics Plus prior to 4.3.5. The issue is an Out-of-Band XML External Entity (OOB-XXE) in the handling of a crafted XML license file used by the product. What is affected: ManageEngine Analytics Plus (versions before 4.3.5). The vulnerability so...

7.5CVSS7.4AI score0.04305EPSS

Exploits0References1Affected Software1

CNNVD•added 2022/08/15 12:0 a.m.•3 views

ZOHO ManageEngine Analytics Plus 路径遍历漏洞

ZOHO ManageEngine Analytics Plus is a self-service IT analytics solution from ZOHO India. Get a better view of your IT data with rich visualizations and dashboards. A security vulnerability exists in ZOHO ManageEngine Analytics Plus prior to version 4350, which stems from a directory traversal...

9.8CVSS8.8AI score0.07731EPSS

Exploits0References2

CNNVD•added 2022/08/15 12:0 a.m.•3 views

ZOHO ManageEngine Analytics Plus 代码问题漏洞

ZOHO ManageEngine Analytics Plus is a self-service IT analytics solution from ZOHO India. Get a better view of your IT data with rich visualizations and dashboards. A security vulnerability exists in ZOHO ManageEngine Analytics Plus versions prior to 4.3.5. A remote attacker can exploit the...

7.5CVSS7.6AI score0.04305EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by