CVE-2026-5785

Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQL injection in the query report module...

CVE-2025-11669 Broken Access Control

Zohocorp ManageEngine PAM360 versions before 8202; Password Manager Pro versions before 13221; Access Manager Plus versions prior to 4401 are vulnerable to an authorization issue in the initiate remote session functionality...

CVE-2025-11669

The vulnerability CVE-2025-11669 affects Zohocorp ManageEngine PAM360 (versions before 8202), Password Manager Pro (before 13221), and Access Manager Plus (before 4401). It is described as an authorization issue in the initiate remote session functionality. Remediation: upgrade PAM360 to 8202 or ...

ZOHO多款产品 安全漏洞

ZOHO Password Manager Pro PMP and so on are products of ZOHO USA company.ZOHO Password Manager Pro is a password manager.ZOHO ManageEngine Access Manager Plus is the ZOHO ManageEngine PAM360 is a complete PAM software. A security vulnerability exists in several ZOHO products, which stems from an...

EUVD-2023-33797

Malicious code in bioql PyPI...

EUVD-2024-24528

Malicious code in bioql PyPI...

ManageEngine PAM360 < 7.0 Build 7001 SQLi

The remote host is running a version of ManageEngine PAM360 prior to 7.0 Build 7001. It is, therefore, affected by a SQL injection vulnerability. An unauthenticated, remote attacker can exploit this to inject or manipulate SQL queries in the back-end database, resulting in the disclosure or...

ZOHO ManageEngine Password Manager Pro 安全漏洞

ZOHO ManageEngine Password Manager Pro is a password manager from ZOHO, Inc. A security vulnerability exists in ZOHO ManageEngine Password Manager Pro prior to version 12431 and ManageEngine PAM360 prior to version 7001, which stems from a failure to properly filter input via the global search...

PT-2024-21815

Name of the Vulnerable Software and Affected Versions Zoho ManageEngine PAM360 version 6610 Description The issue is related to a Stored XSS vulnerability. Recommendations For Zoho ManageEngine PAM360 version 6610, at the moment, there is no information about a newer version that contains a fix f...

CVE-2023-2291

CVE-2023-2291 affects ManageEngine products: Access Manager Plus (AMP) in build 4309, Password Manager Pro, and PAM360. The root cause is static credentials stored in PostgreSQL data, which could allow a low-privilege user to modify configuration data and escalate to Administrative privileges. Th...

CVE-2023-2291

Static credentials exist in the PostgreSQL data used in ManageEngine Access Manager Plus AMP build 4309, ManageEngine Password Manager Pro, and ManageEngine PAM360. These credentials could allow a malicious actor to modify configuration data that would escalate their permissions from that of a...

ManageEngine PAM360 < 5.8 Build 5801 SQLi

The remote host is running a version of ManageEngine PAM360 prior to 5.8 Build 5801. It is, therefore, affected by a SQL injection vulnerability. An unauthenticated, remote attacker can exploit this to inject or manipulate SQL queries in the back-end database, resulting in the disclosure or...

ManageEngine PAM360 < 5.5 Build 5510 RCE

The remote host is running a version of ManageEngine PAM360 prior to 5.5 Build 5510. It is, therefore, affected by a remote code execution vulnerability. An unauthenticated, remote attacker can exploit this to bypass authentication and execute arbitrary commands on the remote host. Note that Ness...

ManageEngine PAM360 < 5.6 Build 5600 SQLi

The remote host is running a version of ManageEngine PAM360 prior to 5.6 Build 5600. It is, therefore, affected by a SQL injection vulnerability. An unauthenticated, remote attacker can exploit this to inject or manipulate SQL queries in the back-end database, resulting in the disclosure or...

CVE-2021-44525

Zoho ManageEngine PAM360 before build 5303 allows attackers to modify a few aspects of application state because of a filter bypass in which authentication is not required...

PT-2021-24123 · Zoho · Zoho Manageengine Pam360

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine PAM360 versions prior to build 5303 Description: The issue allows attackers to modify certain aspects of application state due to a filter bypass that does not require authentication. Recommendations: For versions prior to...