zohocorp

CVE-2021-37927

February 23, 2023 by

Zoho ManageEngine ADManager Plus version 7110 and prior allows account takeover via SSO.

February 23, 2023 by

ManageEngine ADManager Plus before 7111 has Pre-authentication RCE vulnerabilities.

February 23, 2023 by

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file overwrite leading to remote code execution.

February 23, 2023 by

Zoho ManageEngine DesktopCentral before 10.0.709 allows anyone to get a valid user’s APIKEY without authentication.

February 23, 2023 by

Zoho ManageEngine ADSelfService Plus version 6103 and prior is vulnerable to reflected XSS on the loadframe page.

February 23, 2023 by

Zoho ManageEngine ADSelfService Plus version 6103 and prior allows CAPTCHA bypass due to improper parameter validation.