Vulnerabilities (CVE)

Filtered by vendor Zohocorp Subscribe
Filtered by product Manageengine Desktop Central Managed Service Providers
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-44757 1 Zohocorp 2 Manageengine Desktop Central, Manageengine Desktop Central Managed Service Providers 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
Zoho ManageEngine Desktop Central before 10.1.2137.9 and Desktop Central MSP before 10.1.2137.9 allow attackers to bypass authentication, and read sensitive information or upload an arbitrary ZIP archive to the server.
CVE-2014-5007 1 Zohocorp 2 Manageengine Desktop Central, Manageengine Desktop Central Managed Service Providers 2024-11-21 10.0 HIGH 9.8 CRITICAL
Directory traversal vulnerability in the agentLogUploader servlet in ZOHO ManageEngine Desktop Central (DC) and Desktop Central Managed Service Providers (MSP) edition before 9 build 90055 allows remote attackers to write to and execute arbitrary files as SYSTEM via a .. (dot dot) in the filename parameter.