cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-5466,https://securityvulnerability.io/vulnerability/CVE-2024-5466,ManageEngine OpManager Vulnerable to Remote Code Execution,"ZohoCorp's ManageEngine OpManager and Remote Monitoring and Management are affected by an authenticated remote code execution vulnerability. This flaw, present in versions 128329 and below, allows attackers to exploit the deploy agent option, potentially leading to unauthorized execution of malicious code within the system. Users of these products should prioritize reviewing their configurations and applying necessary updates to mitigate associated risks.",Manageengine,"Opmanager, Remote Monitoring And Management",8.8,HIGH,0.0027199999894946814,false,,false,false,false,,,false,false,,2024-08-23T13:23:22.144Z,0
CVE-2024-38870,https://securityvulnerability.io/vulnerability/CVE-2024-38870,ManageEngine OpManager vulnerable to Stored XSS vulnerability,"Zohocorp ManageEngine OpManager, OpManager Plus, OpManager MSP and OpManager Enterprise Edition versions before 128104, from 128151 before 128238, from 128247 before 128250 are vulnerable to Stored XSS vulnerability in reports module.",Manageengine,"Opmanager, Opmanager Plus, Opmanager Msp, Opmanager Enterprise Edition",3.5,LOW,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-17T16:48:58.815Z,0
CVE-2024-36038,https://securityvulnerability.io/vulnerability/CVE-2024-36038,Zoho ManageEngine ITOM Proxy Server Cross-Site Scripting Vulnerability,"Zoho ManageEngine ITOM products from version 128234 to 128248 are susceptible to a stored cross-site scripting vulnerability in the proxy server option. This vulnerability allows attackers to inject malicious scripts that are stored on the server and executed in the context of users accessing the affected ITOM services. Exploitation of this vulnerability may lead to unauthorized access, data manipulation, and a potential compromise of user credentials, thus posing significant security risks to organizations utilizing these products.",Manageengine,Opmanager,6.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-24T11:45:11.075Z,0
CVE-2022-43473,https://securityvulnerability.io/vulnerability/CVE-2022-43473,Blind XML External Entity Vulnerability in ManageEngine OpManager,"A blind XML External Entity (XXE) vulnerability exists in the Add UCS Device functionality of ManageEngine OpManager. This flaw allows attackers to exploit the system by supplying a specially crafted XML file, leading to potential Server-Side Request Forgery (SSRF). It is crucial for users of affected versions to apply security measures to safeguard their systems against this vulnerability.",Manageengine,Opmanager,5.8,MEDIUM,0.0032399999909102917,false,,false,false,false,,,false,false,,2023-03-30T16:28:35.983Z,0
CVE-2020-19554,https://securityvulnerability.io/vulnerability/CVE-2020-19554,Cross Site Scripting Vulnerability in ManageEngine OPManager by Zoho,"A Cross Site Scripting (XSS) vulnerability is present in ManageEngine OPManager versions up to 12.5.174. This flaw can be exploited when an API key is crafted to include an XML-based XSS payload, leading to the potential execution of malicious scripts in a user's browser. Such an attack could allow an attacker to hijack user sessions or redirect victims to malicious websites, posing significant risks to network integrity and user privacy.",Manageengine,Opmanager,6.1,MEDIUM,0.0010900000343099236,false,,false,false,false,,,false,false,,2021-09-21T19:07:47.000Z,0
CVE-2007-5891,https://securityvulnerability.io/vulnerability/CVE-2007-5891,,"Multiple cross-site scripting (XSS) vulnerabilities in jsp/Login.do in ManageEngine OpManager MSP Edition and OpManager 7.0 allow remote attackers to inject arbitrary web script or HTML via the (1) requestid, (2) fileid, (3) woMode, and (2) woID parameters.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.",Manageengine,"Opmanager,Opmanager Msp",,,0.002300000051036477,false,,false,false,false,,,false,false,,2007-11-08T02:00:00.000Z,0