4 matches found
CVE-2022-26777
Zoho ManageEngine Remote Access Plus before 10.1.2137.15 allows guest users to view license details...
Zoho ManageEngine Remote Access Plus Trust Management Issue Vulnerability (CNVD-2022-09266)
ZOHO ManageEngine Remote Access Plus is a remote access solution from ZOHO, Inc. A trust management issue vulnerability previously existed in Zoho ManageEngine Remote Access Plus 10.1.2121.1, which stems from the fact that the affected product has hard-coded credentials for read-only The...
CVE-2019-16268
Zoho ManageEngine Remote Access Plus 10.0.259 allows HTML injection via the Description field on the Admin - User Administration userMgmt.do?actionToCall=ShowUser screen...
CVE-2019-11361
Zoho ManageEngine Remote Access Plus 10.0.258 does not validate user permissions properly, allowing for privilege escalation and eventually a full application takeover...