14 matches found
EUVD-2021-31470
Malicious code in bioql PyPI...
Spoofing
Zoho ManageEngine Active Directory 360 versions 4315 and below, ADAudit Plus 7202 and below, ADManager Plus 7200 and below, Asset Explorer 6993 and below and 7xxx 7002 and below, Cloud Security Plus 4161 and below, Data Security Plus 6110 and below, Eventlog Analyzer 12301 and below, Exchange...
CVE-2023-35785
CVE-2023-35785 is a TFA bypass vulnerability affecting Zoho ManageEngine Active Directory 360, ADAudit Plus, ADManager Plus, Asset Explorer, Cloud Security Plus, Data Security Plus, Eventlog Analyzer, Exchange Reporter Plus, Log360, Log360 UEBA, M365 Manager/Security Plus, Recovery Manager Plus, ...
Zoho ManageEngine M365 Manager Plus Command Injection Vulnerability
Zoho ManageEngine M365 Manager Plus is an extensive Microsoft 365 tool from Zoho India. Used to report, manage, monitor, audit and create alerts for critical activities. Zoho ManageEngine M365 Manager Plus Build 4419 Prior versions of Zoho ManageEngine M365 Manager Plus have a command injection...
CVE-2021-44650
Zoho ManageEngine M365 Manager Plus before Build 4419 allows remote command execution when updating proxy settings through the Admin ProxySettings and Tenant ProxySettings components...
Command injection
Zoho ManageEngine M365 Manager Plus before Build 4419 allows remote command execution when updating proxy settings through the Admin ProxySettings and Tenant ProxySettings components...
CVE-2021-44650
Zoho ManageEngine M365 Manager Plus (before Build 4419) contains a command-injection vulnerability in the ProxySettings update flow (Admin ProxySettings and Tenant ProxySettings). This allows remote command execution. Affected versions are prior to Build 4419; remediation is to upgrade to Build 4...
CVE-2021-44650
Zoho ManageEngine M365 Manager Plus before Build 4419 allows remote command execution when updating proxy settings through the Admin ProxySettings and Tenant ProxySettings components...
ZOHO ManageEngine M365 Manager Plus File Upload Vulnerability
ZOHO ManageEngine M365 Manager Plus is an extensive Microsoft 365 tool from ZOHO, Inc. It is used to report, manage, monitor, audit and create alerts for critical activities.A file upload vulnerability exists in versions prior to ZOHO ManageEngine M365 Manager Plus 4421, which stems from the lack...
CVE-2021-42099
Zoho ManageEngine M365 Manager Plus before 4421 is vulnerable to file-upload remote code execution...
CVE-2021-42099
Zoho ManageEngine M365 Manager Plus before 4421 is vulnerable to file-upload remote code execution...
Remote code execution
Zoho ManageEngine M365 Manager Plus before 4421 is vulnerable to file-upload remote code execution...
CVE-2021-42099
The CVE-2021-42099 entry applies to Zoho ManageEngine M365 Manager Plus prior to version 4421. The issue is a file-upload vulnerability caused by insufficient filtering/restriction of uploaded files, enabling remote code execution. Documents from multiple sources (CNVD/CNNVD, Red Hat, NVD) confir...
CVE-2021-42099
Zoho ManageEngine M365 Manager Plus before 4421 is vulnerable to file-upload remote code execution...