Manageengine - Desktop Central CVE

Filtered by vendor Manageengine Subscribe

Filtered by product Desktop Central

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-28960	1 Manageengine	1 Desktop Central	2021-11-28	7.5 HIGH	9.8 CRITICAL
Zoho ManageEngine Desktop Central before build 10.0.683 allows unauthenticated command injection due to improper handling of an input command in on-demand operations.
CVE-2015-8249	1 Manageengine	1 Desktop Central	2017-10-06	10.0 HIGH	9.8 CRITICAL
The FileUploadServlet class in ManageEngine Desktop Central 9 before build 91093 allows remote attackers to upload and execute arbitrary files via the ConnectionId parameter.

Vulnerabilities (CVE)