Lucene search
K

72 matches found

Cvelist
Cvelist
added 2021/08/29 7:17 p.m.21 views

CVE-2021-40177

Zoho ManageEngine Log360 before Build 5225 allows remote code execution via BCP file overwrite...

10AI score0.04603EPSS
Exploits0References1
CVE
CVE
added 2021/08/29 7:17 p.m.56 views

CVE-2021-40178

Zoho ManageEngine Log360 is affected: before Build 5224, a stored XSS exists via the LOGO_PATH field in logon settings. Root cause cited as failure to validate client-side data in LOGO_PATH. Mitigation: upgrade to Build 5224 or later (per the CVE entry). Exploitation status not specified in the p...

6.1CVSS5.8AI score0.00821EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/08/29 7:17 p.m.26 views

CVE-2021-40178

Zoho ManageEngine Log360 before Build 5224 allows stored XSS via the LOGOPATH key value in the logon settings...

6.1AI score0.00821EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/08/29 12:0 a.m.4 views

ZOHO ManageEngine Log360 跨站脚本漏洞

ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. A cross-site scripting vulnerability exists in ZOHO ManageEngine Log360, which stems from the product's failure to validate user data. An attacker could execute client-side...

6.1CVSS5.4AI score0.00821EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/08/29 12:0 a.m.6 views

ZOHO ManageEngine Log360 代码问题漏洞

ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity, and comply with regulatory requirements.An input...

9.8CVSS6.1AI score0.07013EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/08/29 12:0 a.m.6 views

ZOHO ManageEngine Log360 跨站脚本漏洞

ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity, and comply with regulatory requirements.A cross-site...

6.1CVSS5.4AI score0.00821EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/08/29 12:0 a.m.3 views

ZOHO ManageEngine Log360 代码问题漏洞

ZzOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity, and comply with regulatory requirements.A code issue...

9.8CVSS5.8AI score0.04603EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/08/29 12:0 a.m.6 views

ZOHO ManageEngine Log360 跨站请求伪造漏洞

ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity, and comply with regulatory requirements.A cross-site...

8.8CVSS5.4AI score0.00994EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/08/29 12:0 a.m.28 views

ZOHO ManageEngine Log360 跨站请求伪造漏洞

ZOHO ManageEngine Log360 is an integrated log management and Active Directory auditing and alerting solution from ZOHO USA. The solution helps you mitigate security threats, detect persistent attack attempts, detect suspicious user activity and comply with regulatory requirements.A code injection...

8.8CVSS5.8AI score0.00994EPSS
Exploits0References1
NVD
NVD
added 2020/08/31 3:15 p.m.29 views

CVE-2020-24786

An issue was discovered in Zoho ManageEngine Exchange Reporter Plus before build number 5510, AD360 before build number 4228, ADSelfService Plus before build number 5817, DataSecurity Plus before build number 6033, RecoverManager Plus before build number 6017, EventLog Analyzer before build numbe...

10CVSS9.5AI score0.12822EPSS
Exploits0References12
Prion
Prion
added 2020/08/31 3:15 p.m.23 views

Authentication flaw

An issue was discovered in Zoho ManageEngine Exchange Reporter Plus before build number 5510, AD360 before build number 4228, ADSelfService Plus before build number 5817, DataSecurity Plus before build number 6033, RecoverManager Plus before build number 6017, EventLog Analyzer before build numbe...

10CVSS9.4AI score0.12822EPSS
Exploits0References12Affected Software11
CVE
CVE
added 2020/08/31 2:2 p.m.67 views

CVE-2020-24786

CVE-2020-24786 affects multiple ManageEngine products (Exchange Reporter Plus, AD360, ADSelfService Plus, DataSecurity Plus, RecoverManager Plus, EventLog Analyzer, ADAudit Plus, O365 Manager Plus, Cloud Security Plus, ADManager Plus, Log360) with a remotely accessible Java servlet (com.manageeng...

10CVSS9.4AI score0.12822EPSS
Exploits0References12Affected Software1
Rows per page
Query Builder