Skip to main content

Manageengine It360

8 CVEs product

Monthly

CVE-2014-7866 HIGH POC THREAT Act Now

Multiple directory traversal vulnerabilities in ZOHO ManageEngine OpManager 8 (build 88xx) through 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0 allow remote attackers or remote authenticated. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 82.8%.

Path Traversal Zoho Manageengine Social It Plus Manageengine It360 Manageengine Opmanager
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
82.8%
Threat
5.5
CVE-2014-3997 HIGH POC This Week

SQL injection vulnerability in the MetadataServlet servlet in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition 5 through 7 build 7003, IT360. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Zoho SQLi Manageengine Password Manager Pro Manageengine It360
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
1.3%
CVE-2014-7868 HIGH POC THREAT Act Now

Multiple SQL injection vulnerabilities in ZOHO ManageEngine OpManager 11.3 and 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0 allow remote attackers or remote authenticated users to execute. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 69.7%.

Zoho SQLi Manageengine Social It Plus Manageengine Opmanager Manageengine It360
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
69.7%
Threat
5.1
CVE-2014-7867 HIGH PATCH Act Now

SQL injection vulnerability in the com.manageengine.opmanager.servlet.UpdateProbeUpgradeStatus servlet in ZOHO ManageEngine OpManager 11.3 and 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 62.1%.

Zoho SQLi Manageengine Opmanager Manageengine Social It Plus Manageengine It360
NVD
CVSS 2.0
7.5
EPSS
62.1%
CVE-2014-6036 MEDIUM POC PATCH THREAT This Month

Directory traversal vulnerability in the multipartRequest servlet in ZOHO ManageEngine OpManager 11.3 and earlier, Social IT Plus 11.0, and IT360 10.3, 10.4, and earlier allows remote attackers or. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 36.5%.

Path Traversal Zoho Manageengine Opmanager Manageengine It360 Manageengine Social It Plus
NVD Exploit-DB
CVSS 2.0
6.4
EPSS
36.5%
CVE-2014-6034 MEDIUM POC PATCH THREAT This Month

Directory traversal vulnerability in the com.me.opmanager.extranet.remote.communication.fw.fe.FileCollector servlet in ZOHO ManageEngine OpManager 8.8 through 11.3, Social IT Plus 11.0, and IT360. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 86.6%.

Path Traversal Zoho Manageengine Social It Plus Manageengine It360 Manageengine Opmanager
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
86.6%
Threat
5.1
CVE-2014-5446 MEDIUM POC THREAT This Month

Directory traversal vulnerability in the DisplayChartPDF servlet in ZOHO ManageEngine Netflow Analyzer 8.6 through 10.2 and IT360 10.3 allows remote attackers and remote authenticated users to read. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 65.7%.

Path Traversal Zoho Manageengine It360 Manageengine Netflow Analyzer
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
65.7%
Threat
4.5
CVE-2014-5445 MEDIUM POC THREAT This Month

Multiple absolute path traversal vulnerabilities in ZOHO ManageEngine Netflow Analyzer 8.6 through 10.2 and IT360 10.3 allow remote attackers or remote authenticated users to read arbitrary files via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 91.0%.

Path Traversal Zoho Manageengine It360 Manageengine Netflow Analyzer
NVD GitHub Exploit-DB
CVSS 2.0
5.0
EPSS
91.0%
Threat
5.2
EPSS 83% 5.5 CVSS 7.5
HIGH POC THREAT Act Now

Multiple directory traversal vulnerabilities in ZOHO ManageEngine OpManager 8 (build 88xx) through 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0 allow remote attackers or remote authenticated. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 82.8%.

Path Traversal Zoho Manageengine Social It Plus +2
NVD Exploit-DB
EPSS 1% CVSS 7.5
HIGH POC This Week

SQL injection vulnerability in the MetadataServlet servlet in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition 5 through 7 build 7003, IT360. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Zoho SQLi Manageengine Password Manager Pro +1
NVD Exploit-DB
EPSS 70% 5.1 CVSS 7.5
HIGH POC THREAT Act Now

Multiple SQL injection vulnerabilities in ZOHO ManageEngine OpManager 11.3 and 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0 allow remote attackers or remote authenticated users to execute. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 69.7%.

Zoho SQLi Manageengine Social It Plus +2
NVD Exploit-DB
EPSS 62% CVSS 7.5
HIGH PATCH Act Now

SQL injection vulnerability in the com.manageengine.opmanager.servlet.UpdateProbeUpgradeStatus servlet in ZOHO ManageEngine OpManager 11.3 and 11.4, IT360 10.3 and 10.4, and Social IT Plus 11.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 62.1%.

Zoho SQLi Manageengine Opmanager +2
NVD
EPSS 36% CVSS 6.4
MEDIUM POC PATCH THREAT This Month

Directory traversal vulnerability in the multipartRequest servlet in ZOHO ManageEngine OpManager 11.3 and earlier, Social IT Plus 11.0, and IT360 10.3, 10.4, and earlier allows remote attackers or. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 36.5%.

Path Traversal Zoho Manageengine Opmanager +2
NVD Exploit-DB
EPSS 87% 5.1 CVSS 5.0
MEDIUM POC PATCH THREAT This Month

Directory traversal vulnerability in the com.me.opmanager.extranet.remote.communication.fw.fe.FileCollector servlet in ZOHO ManageEngine OpManager 8.8 through 11.3, Social IT Plus 11.0, and IT360. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 86.6%.

Path Traversal Zoho Manageengine Social It Plus +2
NVD Exploit-DB
EPSS 66% 4.5 CVSS 5.0
MEDIUM POC THREAT This Month

Directory traversal vulnerability in the DisplayChartPDF servlet in ZOHO ManageEngine Netflow Analyzer 8.6 through 10.2 and IT360 10.3 allows remote attackers and remote authenticated users to read. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 65.7%.

Path Traversal Zoho Manageengine It360 +1
NVD Exploit-DB
EPSS 91% 5.2 CVSS 5.0
MEDIUM POC THREAT This Month

Multiple absolute path traversal vulnerabilities in ZOHO ManageEngine Netflow Analyzer 8.6 through 10.2 and IT360 10.3 allow remote attackers or remote authenticated users to read arbitrary files via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 91.0%.

Path Traversal Zoho Manageengine It360 +1
NVD GitHub Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy