Latest Manageengine Vulnerabilities

CVE-2023-35719
(0Day) ManageEngine ADSelfService Plus GINA Client Insufficient Verification of Data Authenticity Authentication Bypass Vulnerability
Zohocorp Manageengine Adselfservice Plus=6.1-6122
ManageEngine ADSelfService Plus
ZDI-23-891
(0Day) ManageEngine ADSelfService Plus GINA Client Insufficient Verification of Data Authenticity Authentication Bypass Vulnerability
ManageEngine ADSelfService Plus
CVE-2022-40773
ManageEngine ServiceDesk Plus MSP exportMickeyList Improper Input Validation Privilege Escalation Vulnerability
Zoho ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus<10.6
Zoho ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus=10.6
Zoho ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus=10.6-10600
Zoho ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus=10.6-10601
Zoho ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus=10.6-10602
Zoho ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus=10.6-10603
and 32 more
CVE-2020-19554
Cross Site Scripting (XSS) vulnerability exists in ManageEngine OPManager <=12.5.174 when the API key contains an XML-based XSS payload.
ManageEngine OpManager<=12.5.174
CVE-2021-28960
Zoho ManageEngine Desktop Central before build 10.0.683 allows unauthenticated command injection due to improper handling of an input command in on-demand operations.
ManageEngine Desktop Central<10.0.683
CVE-2020-13818
ManageEngine OpManager OpmSkipFilter Directory Traversal Information Disclosure Vulnerability
Zohocorp Manageengine Opmanager<12.5
Zohocorp Manageengine Opmanager=12.5
Zohocorp Manageengine Opmanager=12.5-build125000
Zohocorp Manageengine Opmanager=12.5-build125002
Zohocorp Manageengine Opmanager=12.5-build125100
Zohocorp Manageengine Opmanager=12.5-build125101
and 21 more
CVE-2018-15608
Zoho ManageEngine ADManager Plus 6.5.7 allows HTML Injection on the "AD Delegation" "Help Desk Technicians" screen.
ManageEngine ADManager Plus=6.5.7
CVE-2016-9490
ManageEngine Applications Manager versions 12 and 13 before build 13200 suffer from a Reflected Cross-Site Scripting vulnerability. Applications Manager is prone to a Cross-Site Scripting vulnerabilit...
ManageEngine Applications Manager=12.0
ManageEngine Applications Manager=13.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203