676 matches found
Zoho ManageEngine - Access Control Bypass
Zoho ManageEngine Access Manager Plus before 4302, Password Manager Pro before 12007, and PAM360 before 5401 are vulnerable to access-control bypass on a few Rest API URLs for SSOutAction. SSLAction. LicenseMgr. GetProductDetails. GetDashboard. FetchEvents. and Synchronize via the ../RestAPI...
CVE-2026-5785
Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQL injection in the query report module...
Exploit for Unrestricted Upload of File with Dangerous Type in Filemanagerpro File_Manager
wp-file-manager-exploit-CVE-2020-25213-with-Zerologon Project...
EUVD-2026-23239
Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQL injection in the query report module...
CVE-2026-5785
Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQL injection in the query report module...
CVE-2026-5785
The CVE-2026-5785 issue affects Zohocorp ManageEngine PAM360 (versions before 8531) and ManageEngine Password Manager Pro (versions 8600 to 13230). The vulnerability is an Authenticated SQL injection in the query report module, allowing an attacker with LOW privileges and no user interaction to t...
CVE-2026-5785 SQL Injection
Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQL injection in the query report module...
CVE-2026-5785
Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQL injection in the query report module...
CVE-2026-5785 SQL Injection
Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQL injection in the query report module...
ZOHO ManageEngine Password Manager Pro和ZOHO ManageEngine PAM360 安全漏洞
ZOHO ManageEngine Password Manager Pro and ZOHO ManageEngine PAM360 are both products of ZOHO Corporation in the United States. ZOHO ManageEngine Password Manager Pro is a password manager. ZOHO ManageEngine PAM360 is a complete PAM software solution. It provides full privilege access security fo...
PT-2026-33319
Name of the Vulnerable Software and Affected Versions ManageEngine PAM360 versions prior to 8531 ManageEngine Password Manager Pro versions 8600 through 13230 Description An authenticated SQL injection exists in the query report module. SQL injection is a type of flaw that allows an attacker to...
CVE-2025-11669
Zohocorp ManageEngine PAM360 versions before 8202; Password Manager Pro versions before 13221; Access Manager Plus versions prior to 4401 are vulnerable to an authorization issue in the initiate remote session functionality...
CVE-2025-11669
Zohocorp ManageEngine PAM360 versions before 8202; Password Manager Pro versions before 13221; Access Manager Plus versions prior to 4401 are vulnerable to an authorization issue in the initiate remote session functionality...
CVE-2025-11669
Zohocorp ManageEngine PAM360 versions before 8202; Password Manager Pro versions before 13221; Access Manager Plus versions prior to 4401 are vulnerable to an authorization issue in the initiate remote session functionality...
CVE-2025-11669 Broken Access Control
Zohocorp ManageEngine PAM360 versions before 8202; Password Manager Pro versions before 13221; Access Manager Plus versions prior to 4401 are vulnerable to an authorization issue in the initiate remote session functionality...
CVE-2025-11669 Broken Access Control
Zohocorp ManageEngine PAM360 versions before 8202; Password Manager Pro versions before 13221; Access Manager Plus versions prior to 4401 are vulnerable to an authorization issue in the initiate remote session functionality...
CVE-2025-11669
The vulnerability CVE-2025-11669 affects Zohocorp ManageEngine PAM360 (versions before 8202), Password Manager Pro (before 13221), and Access Manager Plus (before 4401). It is described as an authorization issue in the initiate remote session functionality. Remediation: upgrade PAM360 to 8202 or ...
ZOHO多款产品 安全漏洞
ZOHO Password Manager Pro PMP and so on are products of ZOHO USA company.ZOHO Password Manager Pro is a password manager.ZOHO ManageEngine Access Manager Plus is the ZOHO ManageEngine PAM360 is a complete PAM software. A security vulnerability exists in several ZOHO products, which stems from an...
PT-2026-2436
Name of the Vulnerable Software and Affected Versions ManageEngine PAM360 versions prior to 8202 Password Manager Pro versions prior to 13221 Access Manager Plus versions prior to 4401 Description The software is subject to an authorization issue within the initiate remote session functionality...
CVE-2023-4861
The File Manager Pro WordPress plugin before 1.8.1 allows admin users to upload arbitrary files, even in environments where such a user should not be able to gain full control of the server, such as a multisite installation. This leads to remote code execution...