Known Vulnerabilities for products from Zohocorp
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Zohocorp".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-28756 json | Not Provided | 2026-04-03 | 2026-04-03 | |
| CVE-2026-28754 json | Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Distribution Lists rep... | Not Provided | 2026-04-03 | 2026-04-03 |
| CVE-2026-28703 json | Not Provided | 2026-04-03 | 2026-04-03 | |
| CVE-2026-27655 json | Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions Based on Mailb... | Not Provided | 2026-04-03 | 2026-04-03 |
| CVE-2026-5785 json | Not Provided | 2026-04-16 | 2026-04-17 | |
| CVE-2026-4108 json | Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Non-Owner Mailbox Permiss... | Not Provided | 2026-04-03 | 2026-04-03 |
| CVE-2026-4107 json | Not Provided | 2026-04-03 | 2026-04-03 | |
| CVE-2026-3880 json | Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Public Folder Client Permi... | Not Provided | 2026-04-03 | 2026-04-03 |
| CVE-2026-3879 json | Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Equipment Mailbox Details�... | Not Provided | 2026-04-03 | 2026-04-03 |
| CVE-2026-3324 json | Not Provided | 2026-04-16 | 2026-04-16 | |
| CVE-2024-0252 json | 8.8 - HIGH | 2024-01-11 | 2024-01-19 | |
| CVE-2023-50891 json | 5.4 - MEDIUM | 2023-12-29 | 2024-01-05 | |
| CVE-2023-50785 json | 2.7 - LOW | 2024-01-25 | 2024-01-31 | |
| CVE-2023-49943 json | 5.4 - MEDIUM | 2024-01-18 | 2024-01-25 | |
| CVE-2023-48646 json | 7.2 - HIGH | 2023-11-22 | 2023-12-01 | |
| CVE-2023-41904 json | Zoho ManageEngine ADManager Plus before 7203 allows 2FA bypass (for AuthToken generation) in REST APIs. | 5.4 - MEDIUM | 2023-09-27 | 2023-09-28 |
| CVE-2023-39912 json | Zoho ManageEngine ADManager Plus through 7202 allows admin users to download any file from the server machine via directory t... | 4.9 - MEDIUM | 2023-08-31 | 2024-01-01 |
| CVE-2023-38743 json | Zoho ManageEngine ADManager Plus before Build 7200 allows admin users to execute commands on the host machine. | 7.2 - HIGH | 2023-09-11 | 2023-09-13 |
| CVE-2023-38333 json | Zoho ManageEngine Applications Manager through 16530 allows reflected XSS while logged in. | 6.1 - MEDIUM | 2023-08-10 | 2023-08-15 |
| CVE-2023-38332 json | Zoho ManageEngine ADManager Plus through 7201 allow authenticated users to take over another user's account via sensitive inf... | 6.5 - MEDIUM | 2023-08-04 | 2023-08-09 |