77 matches found
CVE-2022-26777
Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view license details...
CVE-2022-26653
Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view domain details such as the username and GUID of an administrator...
CVE-2019-20474
An issue was discovered in Zoho ManageEngine Remote Access Plus 10.0.447. The service to test the mail-server configuration suffers from an authorization issue allowing a user with the Guest role read-only access to use and abuse it. One of the abuses allows performing network and port scan...
CVE-2019-16268
Zoho ManageEngine Remote Access Plus 10.0.259 allows HTML injection via the Description field on the Admin - User Administration userMgmt.do?actionToCall=ShowUser screen...
EUVD-2019-11019
Malware in sbrugna...
EUVD-2019-3039
Malware in sbrugna...
EUVD-2021-29910
Malicious code in bioql PyPI...
EUVD-2022-31327
Malicious code in bioql PyPI...
EUVD-2021-28830
Malicious code in bioql PyPI...
CVE-2021-42954
Zoho Remote Access Plus Server Windows Desktop Binary fixed from 10.1.2121.1 is affected by incorrect access control. The installation directory is vulnerable to weak file permissions by allowing full control for Windows Everyone user group non-admin or any guest users, thereby allowing privilege...
CVE-2021-42955
Zoho Remote Access Plus Server Windows Desktop binary fixed in version 10.1.2132 is affected by an unauthorized password reset vulnerability. Because of the designed password reset mechanism, any non-admin Windows user can reset the password of the Remote Access Plus Server Admin account...
CVE-2020-8422
An authorization issue was discovered in the Credential Manager feature in Zoho ManageEngine Remote Access Plus before 10.0.450. A user with the Guest role can extract the collection of all defined credentials of remote machines: the credential name, credential type, user name, domain/workgroup...
Zoho ManageEngine Remote Access Plus Information Disclosure Vulnerability (CNVD-2022-36049)
Zoho ManageEngine Remote Access Plus is a remote access solution from ZOHO, Inc. A security vulnerability exists prior to Zoho ManageEngine Remote Access Plus 10.1.2137.15, which could be exploited by attackers to view license details...
Zoho ManageEngine Remote Access Plus Information Disclosure Vulnerability (CNVD-2022-36050)
Zoho ManageEngine Remote Access Plus is a remote access solution from ZOHO, Inc. A security vulnerability exists in Zoho ManageEngine Remote Access Plus, which could be exploited by an attacker to allow guest users to view domain details such as the administrator's username and GUID...
CVE-2022-26777
Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view license details...
CVE-2022-26653
Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view domain details such as the username and GUID of an administrator...
CVE-2022-26653
Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view domain details such as the username and GUID of an administrator...
CVE-2022-26777
Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view license details...
CVE-2022-26653
Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view domain details such as the username and GUID of an administrator...
Design/Logic Flaw
Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view domain details such as the username and GUID of an administrator...