Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Manageengine log360'
2021-11-01
CVE-2021-20136
CWE-863
ManageEngine Log360 Builds < 5235 are affected by an improper access control vulnerability allowing database configuration overwrite. An unauthenticated remote attacker can send a specially crafted message to Log360 to change its backend database to an attacker-controlled database and to force Log360 to restart. An attacker can leverage this vulnerability to achieve remote code execution by replacing files executed by Log360 on startup.
2021-08-29
CVE-2021-40172
CWE-352
Zoho ManageEngine Log360 before Build 5219 allows a CSRF attack on proxy settings.
CVE-2021-40174
CWE-352
Zoho ManageEngine Log360 before Build 5224 allows a CSRF attack for disabling the logon security settings.
CVE-2021-40175
CWE-434
Zoho ManageEngine Log360 before Build 5219 allows unrestricted file upload with resultant remote code execution.
CVE-2021-40176
CWE-79
Zoho ManageEngine Log360 before Build 5225 allows stored XSS.
CVE-2021-40177
NVD-CWE-noinfo
Zoho ManageEngine Log360 before Build 5225 allows remote code execution via BCP file overwrite.
CVE-2021-40178
CWE-79
Zoho ManageEngine Log360 before Build 5224 allows stored XSS via the LOGO_PATH key value in the logon settings.
>>>
Vendor:
Zohocorp
47
Products
Manageengine netflow analyzer
Manageengine opmanager
Firewall analyzer
Opmanager
Servicedesk plus
Oputils
Webnms
Password manager pro
Manageengine adselfservice plus
Manageengine admanager plus
Manageengine assetexplorer
Manageengine opstor
Manageengine eventlog analyzer
Network configuration manager
Manageengine desktop central
Manageengine it360
Manageengine it plus
Manageengine social it plus
Manageengine supportcenter plus
Manageengine password manager pro
Webnms framework
Manageengine firewall analyzer
Site24x7 mobile network poller
Manageengine applications manager
Manageengine recovery manager plus
Manageengine servicedesk plus
Manageengine analytics plus
Manageengine browser security plus
Manageengine firewall
Manageengine key manager plus
Manageengine mobile device manager plus
Manageengine network configuration manager
Manageengine o365 manager plus
Manageengine oputils
Manageengine patch connect plus
Manageengine patch manager plus
Manageengine vulnerability manager plus
Manageengine desktop central managed service providers
Manageengine remote access plus
Manageengine adaudit plus
Manageengine datasecurity plus
Manageengine applications control plus
Manageengine servicedesk plus msp
Manageengine log360
Manageengine cloud security plus
Manageengine m365 manager plus
Manageengine sharepoint manager plus
Copyright
2024
, cxsecurity.com
Back to Top
Vulnerabilities for 'Manageengine log360' 