Zohocorp Manageengine_desktop_central
7 CVEs affecting Zohocorp Manageengine_desktop_central. Latest disclosed: 2017-08-02. Critical: 3, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-7213 | Critical | 10.0 | 2017-05-15 | Zoho ManageEngine Desktop Central before build 100082 allows remote attackers to obtain control over all connected active desktops via unspecified vectors. |
CVE-2015-2560 | Critical | 9.8 | 2017-08-02 | Manage Engine Desktop Central 9 before build 90135 allows remote attackers to change passwords of users with the Administrator role via an addOrModifyUser oper… |
CVE-2017-11346 | Critical | 9.8 | 2017-07-17 | Zoho ManageEngine Desktop Central before build 100092 allows remote attackers to execute arbitrary code via vectors involving the upload of help desk videos. |
CVE-2014-9331 | | 2015-02-04 | Cross-site request forgery (CSRF) vulnerability in ZOHO ManageEngine Desktop Central before 9 build 90130 allows remote attackers to hijack the authentication… | |
CVE-2014-9371 | | 2014-12-16 | The NativeAppServlet in ManageEngine Desktop Central MSP before 90075 allows remote attackers to execute arbitrary code via a crafted JSON object. | |
CVE-2014-5006 | | 2014-10-21 | Directory traversal vulnerability in ZOHO ManageEngine Desktop Central (DC) before 9 build 90055 allows remote attackers to execute arbitrary code via a .. (do… | |
CVE-2014-5005 | | 2014-10-21 | Directory traversal vulnerability in ZOHO ManageEngine Desktop Central (DC) before 9 build 90055 allows remote attackers to execute arbitrary code via a .. (do… |