Vulnerabilidades en ManageEngine
86 resultadosCVE-2023-47211CRITICALA directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP requeEPSS 47.0%CVE-2025-3833HIGHSQL InjectionEPSS 27.8%CVE-2024-6748HIGHSQL InjectionEPSS 23.8%CVE-2016-9498—ManageEngine Applications Manager 12 and 13, allows unserialization of unsafe Java objectsEPSS 22.0%CVE-2025-36527HIGHSQL InjectionEPSS 20.2%CVE-2023-35719MEDIUMManageEngine ADSelfService Plus GINA Client Insufficient Verification of Data Authenticity Authentication Bypass VulnerabilityEPSS 19.9%CVE-2022-43473MEDIUMA blind XML External Entity (XXE) vulnerability exists in the Add UCS Device functionality of ManageEngine OpManager 12.6.168. A specially cEPSS 19.8%CVE-2024-0252HIGHRemote code executionEPSS 7.8%CVE-2024-36035HIGHSQL InjectionEPSS 7.4%CVE-2024-36034HIGHSQL InjectionEPSS 7.4%CVE-2024-5466HIGHRemote Code ExecutionEPSS 6.9%CVE-2024-0269HIGHSQL InjectionEPSS 5.4%CVE-2024-36517HIGHSQL InjectionEPSS 5.3%CVE-2024-5586HIGHSQL InjectionEPSS 5.2%CVE-2024-21775HIGHSQL InjectionEPSS 5.0%CVE-2024-0253HIGHSQL InjectionEPSS 5.0%CVE-2016-9488—ManageEngine Applications Manager versions 12 and 13 suffer from remote SQL injection vulnerabilitiesEPSS 4.8%CVE-2024-5527HIGHSQL InjectionEPSS 4.7%CVE-2024-5487HIGHSQL InjectionEPSS 4.7%CVE-2025-3836HIGHSQL InjectionEPSS 4.6%