Vulnerabilities
By Date By Type Known Exploited Assigners CVSS Scores EPSS Scores Search
Vulnerable Software
Vendors Products Version Search
Metasploit Modules CWE Definitions
Articles Blog

Zohocorp : Security Vulnerabilities CVSS score between 3 and 3.99

Published in:
2023 January   February   March   April   May   June   July   August   September  
CVSS Scores Greater Than: 0 1 2 3 4 5 6 7 8 9
In CISA KEV Catalog
Copy

CVE-2022-42903

Zoho ManageEngine SupportCenter Plus through 11024 allows low-privileged users to view the organization users list.
Max Base Score
3.3
Published 2022-11-17
Updated 2022-11-22
EPSS 0.06%

CVE-2015-5150

Multiple cross-site scripting (XSS) vulnerabilities in Zoho ManageEngine SupportCenter Plus 7.90 allow remote authenticated users to inject arbitrary web script or HTML via the (1) query parameter in the run_query_editor_query module to CustomReportHandler.do, (2) compAcct parameter to jsp/ResetADPwd.jsp, or (3) redirectTo parameter to jsp/CacheScreenWidth.jsp.
Max Base Score
3.5
Published 2015-06-30
Updated 2015-07-01
EPSS 0.16%

CVE-2015-5061

Cross-site scripting (XSS) vulnerability in Zoho ManageEngine AssetExplorer 6.1 service pack 6112 and earlier allows remote authenticated users with permissions to add new vendors to inject arbitrary web script or HTML via the organizationName parameter to VendorDef.do.
Max Base Score
3.5
Published 2015-06-24
Updated 2016-12-07
EPSS 0.09%

CVE-2014-2670

Cross-site scripting (XSS) vulnerability in Properties.do in ZOHO ManageEngine OpStor before build 8500 allows remote authenticated users to inject arbitrary web script or HTML via the name parameter, a different vulnerability than CVE-2014-0344.
Max Base Score
3.5
Published 2014-03-29
Updated 2015-07-24
EPSS 0.10%
4 vulnerabilities found
This web site uses cookies for managing your session and website analytics (Google analytics) purposes as described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close