Lucene search
K

72 matches found

OSV
OSV
added 2021/08/29 8:15 p.m.3 views

CVE-2021-40174

Zoho ManageEngine Log360 before Build 5224 allows a CSRF attack for disabling the logon security settings...

8.8CVSS7.3AI score0.00994EPSS
Exploits0References1
NVD
NVD
added 2021/08/29 8:15 p.m.15 views

CVE-2021-40175

Zoho ManageEngine Log360 before Build 5219 allows unrestricted file upload with resultant remote code execution...

9.8CVSS0.07013EPSS
Exploits0References1
NVD
NVD
added 2021/08/29 8:15 p.m.23 views

CVE-2021-40176

Zoho ManageEngine Log360 before Build 5225 allows stored XSS...

6.1CVSS0.00821EPSS
Exploits0References1
NVD
NVD
added 2021/08/29 8:15 p.m.45 views

CVE-2021-40172

Zoho ManageEngine Log360 before Build 5219 allows a CSRF attack on proxy settings...

8.8CVSS0.00994EPSS
Exploits0References1
NVD
NVD
added 2021/08/29 8:15 p.m.28 views

CVE-2021-40178

Zoho ManageEngine Log360 before Build 5224 allows stored XSS via the LOGOPATH key value in the logon settings...

6.1CVSS0.00821EPSS
Exploits0References1
Prion
Prion
added 2021/08/29 8:15 p.m.13 views

Cross site scripting

Zoho ManageEngine Log360 before Build 5225 allows stored XSS...

4.3CVSS6.2AI score0.00821EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/08/29 8:15 p.m.5 views

CVE-2021-40174

Zoho ManageEngine Log360 before Build 5224 allows a CSRF attack for disabling the logon security settings...

8.8CVSS7.3AI score0.00994EPSS
Exploits0References2
Prion
Prion
added 2021/08/29 8:15 p.m.20 views

Cross site scripting

Zoho ManageEngine Log360 before Build 5224 allows stored XSS via the LOGOPATH key value in the logon settings...

4.3CVSS5.9AI score0.00821EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/08/29 8:15 p.m.15 views

Unrestricted file upload

Zoho ManageEngine Log360 before Build 5219 allows unrestricted file upload with resultant remote code execution...

7.5CVSS9.1AI score0.07013EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/08/29 8:15 p.m.22 views

Design/Logic Flaw

Zoho ManageEngine Log360 before Build 5225 allows remote code execution via BCP file overwrite...

7.5CVSS9.7AI score0.04603EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/08/29 8:15 p.m.17 views

Cross site request forgery (csrf)

Zoho ManageEngine Log360 before Build 5224 allows a CSRF attack for disabling the logon security settings...

6.8CVSS8.7AI score0.00994EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/08/29 8:15 p.m.20 views

Cross site request forgery (csrf)

Zoho ManageEngine Log360 before Build 5219 allows a CSRF attack on proxy settings...

6.8CVSS8.6AI score0.00994EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/08/29 7:18 p.m.45 views

CVE-2021-40172

Zoho ManageEngine Log360 before Build 5219 allows a CSRF attack on proxy settings...

8.9AI score0.00994EPSS
Exploits0References1
CVE
CVE
added 2021/08/29 7:18 p.m.44 views

CVE-2021-40172

Zoho ManageEngine Log360 is vulnerable to a CSRF on proxy settings in builds prior to 5219. The CVE-2021-40172 entry documents a cross-site request forgery issue affecting the proxy configuration functionality, with published references indicating that updating to Build 5219 or later mitigates th...

8.8CVSS8.7AI score0.00994EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/08/29 7:17 p.m.54 views

CVE-2021-40174

Zoho ManageEngine Log360 is affected by a CSRF vulnerability prior to Build 5224. The issue stems from insufficient validation of requests from trusted users, allowing an attacker to disable logon security settings. Reported CVSS scores indicate high impact (CVSS 3.1: base score 8.8, vector CVSS:...

8.8CVSS8.7AI score0.00994EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/08/29 7:17 p.m.52 views

CVE-2021-40175

CVE-2021-40175 affects Zoho ManageEngine Log360 prior to Build 5219, where unrestricted file upload enables remote code execution. The incident is documented across multiple sources tying the vulnerability to the Log360 web upload mechanism and the Build 5219 fix. Affected component: Log360 uploa...

9.8CVSS9.4AI score0.07013EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/08/29 7:17 p.m.25 views

CVE-2021-40175

Zoho ManageEngine Log360 before Build 5219 allows unrestricted file upload with resultant remote code execution...

9.7AI score0.07013EPSS
Exploits0References1
CVE
CVE
added 2021/08/29 7:17 p.m.51 views

CVE-2021-40176

CVE-2021-40176 affects Zoho ManageEngine Log360 prior to Build 5225, with a stored XSS vulnerability caused by insufficient input validation in the web interface. Exploitation could lead to execution of client-side code within authenticated sessions on affected instances. Public references indica...

6.1CVSS6.2AI score0.00821EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/08/29 7:17 p.m.22 views

CVE-2021-40176

Zoho ManageEngine Log360 before Build 5225 allows stored XSS...

6.5AI score0.00821EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/08/29 7:17 p.m.21 views

CVE-2021-40177

Zoho ManageEngine Log360 before Build 5225 allows remote code execution via BCP file overwrite...

10AI score0.04603EPSS
Exploits0References1
Rows per page
Query Builder