• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

zohocorp

CVE-2022-23779

February 23, 2023 by

Zoho ManageEngine Desktop Central before 10.1.2137.8 exposes the installed server name to anyone. The internal hostname can be discovered by reading HTTP redirect responses.

CVE-2022-23050

February 23, 2023 by

ManageEngine AppManager15 (Build No:15510) allows an authenticated admin user to upload a DLL file to perform a DLL hijack attack inside the ‘working’ folder through the ‘Upload Files / Binaries’ functionality.

CVE-2023-23075

February 22, 2023 by godfreyd94

Cross Site Scripting (XSS) vulnerability in Zoho Asset Explorer 6.9 via the credential name when creating a new Assets Workstation.

CVE-2023-0169

February 22, 2023 by godfreyd94

The Zoho Forms WordPress plugin before 3.0.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 18
  • Go to page 19
  • Go to page 20

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE