Zohocorp : Security Vulnerabilities, CVEs, Published In 2021 (Sql injection)
Zoho ManageEngine OpManager version 125466 and below is vulnerable to SQL Injection in the getReportData API.
Max CVSS
9.8
EPSS Score
0.61%
Published
2021-09-30
Updated
2021-10-07
Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a configuration search.
Max CVSS
9.8
EPSS Score
2.81%
Published
2021-11-11
Updated
2023-02-22
Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a hardware details search.
Max CVSS
9.8
EPSS Score
2.81%
Published
2021-11-11
Updated
2023-02-22
The NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is vulnerable to SQL Injection in the Attacks Module API.
Max CVSS
9.8
EPSS Score
0.61%
Published
2021-10-13
Updated
2021-10-19
Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the support diagnostics module. This occurs via the pollingObject parameter of the getDataCollectionFailureReason API.
Max CVSS
9.8
EPSS Score
1.19%
Published
2021-10-13
Updated
2021-10-19
Zoho ManageEngine ADSelfService Plus 6111 and prior is vulnerable to SQL Injection while linking the databases.
Max CVSS
9.8
EPSS Score
1.04%
Published
2021-09-10
Updated
2021-09-17
doFilter in com.adventnet.appmanager.filter.UriCollector in Zoho ManageEngine Applications Manager through 14930 allows an authenticated SQL Injection via the resourceid parameter to showresource.do.
Max CVSS
8.8
EPSS Score
0.43%
Published
2021-02-05
Updated
2021-02-17
Zoho ManageEngine Applications Manager before 14 build 14880 allows an authenticated SQL Injection via a crafted Alarmview request.
Max CVSS
8.8
EPSS Score
1.53%
Published
2021-01-19
Updated
2022-10-07
8 vulnerabilities found