72 matches found
CVE-2021-40177
Zoho ManageEngine Log360 before Build 5225 allows remote code execution via BCP file overwrite...
CVE-2021-40178
Zoho ManageEngine Log360 is affected: before Build 5224, a stored XSS exists via the LOGO_PATH field in logon settings. Root cause cited as failure to validate client-side data in LOGO_PATH. Mitigation: upgrade to Build 5224 or later (per the CVE entry). Exploitation status not specified in the p...
CVE-2021-40178
Zoho ManageEngine Log360 before Build 5224 allows stored XSS via the LOGOPATH key value in the logon settings...
ZOHO ManageEngine Log360 跨站脚本漏洞
ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. A cross-site scripting vulnerability exists in ZOHO ManageEngine Log360, which stems from the product's failure to validate user data. An attacker could execute client-side...
ZOHO ManageEngine Log360 代码问题漏洞
ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity, and comply with regulatory requirements.An input...
ZOHO ManageEngine Log360 跨站脚本漏洞
ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity, and comply with regulatory requirements.A cross-site...
ZOHO ManageEngine Log360 代码问题漏洞
ZzOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity, and comply with regulatory requirements.A code issue...
ZOHO ManageEngine Log360 跨站请求伪造漏洞
ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity, and comply with regulatory requirements.A cross-site...
ZOHO ManageEngine Log360 跨站请求伪造漏洞
ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity and comply with regulatory requirements.A code injection...
CVE-2020-24786
An issue was discovered in Zoho ManageEngine Exchange Reporter Plus before build number 5510, AD360 before build number 4228, ADSelfService Plus before build number 5817, DataSecurity Plus before build number 6033, RecoverManager Plus before build number 6017, EventLog Analyzer before build numbe...
Authentication flaw
An issue was discovered in Zoho ManageEngine Exchange Reporter Plus before build number 5510, AD360 before build number 4228, ADSelfService Plus before build number 5817, DataSecurity Plus before build number 6033, RecoverManager Plus before build number 6017, EventLog Analyzer before build numbe...
CVE-2020-24786
CVE-2020-24786 affects multiple ManageEngine products (Exchange Reporter Plus, AD360, ADSelfService Plus, DataSecurity Plus, RecoverManager Plus, EventLog Analyzer, ADAudit Plus, O365 Manager Plus, Cloud Security Plus, ADManager Plus, Log360) with a remotely accessible Java servlet (com.manageeng...