Skip to main content
CVE-2014-7868 HIGH POC THREAT Act Now

Multiple SQL injection vulnerabilities in ZOHO ManageEngine OpManager 11.3 and 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0 allow remote attackers or remote authenticated users to execute. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 69.7%.

Zoho SQLi Manageengine Social It Plus Manageengine Opmanager Manageengine It360
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
69.7%
Threat
5.1
CVE-2014-7867 HIGH PATCH Act Now

SQL injection vulnerability in the com.manageengine.opmanager.servlet.UpdateProbeUpgradeStatus servlet in ZOHO ManageEngine OpManager 11.3 and 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 62.1%.

Zoho SQLi Manageengine Opmanager Manageengine Social It Plus Manageengine It360
NVD
CVSS 2.0
7.5
EPSS
62.1%
CVE-2014-6035 HIGH POC PATCH THREAT Act Now

Directory traversal vulnerability in the FileCollector servlet in ZOHO ManageEngine OpManager 11.4, 11.3, and earlier allows remote attackers to write and execute arbitrary files via a .. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 11.6%.

Path Traversal Zoho Manageengine Opmanager
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
11.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy