CVE-2017-7213
https://notcve.org/view.php?id=CVE-2017-7213
Zoho ManageEngine Desktop Central before build 100082 allows remote attackers to obtain control over all connected active desktops via unspecified vectors. • https://www.manageengine.com/products/desktop-central/cve-2017-7213-remote-control-privilege-violation.html • CWE-20: Improper Input Validation
CVE-2016-1161
https://notcve.org/view.php?id=CVE-2016-1161
Cross-site request forgery (CSRF) vulnerability in ManageEngine Password Manager Pro before 8.5 (Build 8500). • http://jvn.jp/en/vu/JVNVU95113461 http://www.securityfocus.com/bid/91531 https://www.excellium-services.com/cert-xlm-advisory/cve-2016-1161 • CWE-352: Cross-Site Request Forgery (CSRF)
CVE-2016-4889
https://notcve.org/view.php?id=CVE-2016-4889
ZOHO ManageEngine ServiceDesk Plus before 9.0 allows remote authenticated guest users to have unspecified impact by leveraging failure to restrict access to unknown functions. • http://jvn.jp/en/jp/JVN89726415/index.html http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000170.html http://www.securityfocus.com/bid/93215 https://www.manageengine.com/products/service-desk/readme-9.0.html • CWE-264: Permissions, Privileges, and Access Controls
CVE-2016-4888
https://notcve.org/view.php?id=CVE-2016-4888
Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine ServiceDesk Plus before 9.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. • http://jvn.jp/en/jp/JVN50347324/index.html http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000169.html http://www.securityfocus.com/bid/93214 https://www.manageengine.com/products/service-desk/readme-9.2.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2016-4890
https://notcve.org/view.php?id=CVE-2016-4890
ZOHO ManageEngine ServiceDesk Plus before 9.2 uses an insecure method for generating cookies, which makes it easier for attackers to obtain sensitive password information by leveraging access to a cookie. • http://jvn.jp/en/jp/JVN72559412/index.html http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000171.html http://www.securityfocus.com/bid/93216 https://www.manageengine.com/products/service-desk/readme-9.2.html • CWE-254: 7PK - Security Features