Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
610042.5%HIGH

Related CVEs

10
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2024-37225Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Zoho Marketing Automation.This issue affects Zoho Marketing Automation: from n/a through 1.2.7.HIGH8.837.1%Jul 9, 2024
CVE-2024-32442Cross-Site Request Forgery (CSRF) vulnerability in Zoho Campaigns.This issue affects Zoho Campaigns: from n/a through 2.0.7.HIGH8.815.1%Apr 15, 2024
CVE-2024-32441Cross-Site Request Forgery (CSRF) vulnerability in Zoho Campaigns.This issue affects Zoho Campaigns: from n/a through 2.0.7.HIGH8.815.1%Apr 15, 2024
CVE-2021-42956Zoho Remote Access Plus Server Windows Desktop Binary fixed in 10.1.2132.6 is affected by a sensitive information disclosure vulnerability. Due to improper privilege management, the process launches as the logged in user, so memory dump can be done by non-admin also. Remotely, an attacker can dump all sensitive information including DB Connection string, entire IT infrastructure details, commands executed by IT admin including credentials, secrets, private keys and more.HIGH8.8Nov 17, 2021
CVE-2019-19306The Zoho CRM Lead Magnet plugin 1.6.9.1 for WordPress allows XSS via module, EditShortcode, or LayoutName.MEDIUM5.460.6%Nov 26, 2019
CVE-2019-15645The zoho-salesiq plugin before 1.0.9 for WordPress has CSRF.NONE47.9%Aug 27, 2019
CVE-2019-15644The zoho-salesiq plugin before 1.0.9 for WordPress has stored XSS.NONE55.8%Aug 27, 2019
CVE-2019-5963Cross-site request forgery (CSRF) vulnerability in Zoho SalesIQ 1.0.8 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.HIGH8.859.3%Jul 5, 2019
CVE-2019-5962Cross-site scripting vulnerability in Zoho SalesIQ 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.MEDIUM6.172.6%Jul 5, 2019
CVE-2014-6686The Zoho Books - Accounting App (aka com.zoho.books) application 3.1.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.NONE18.9%Sep 23, 2014