Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zohocorp manageengine admanager plus 7.1 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2023-31492
Zoho ManageEngine ADManager Plus version 7182 and prior disclosed the default passwords for the account restoration of unauthorized domains to the authenticated users.
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
4.9
CVSSv3
CVE-2023-35786
Zoho ManageEngine ADManager Plus prior to 7183 allows admin users to exploit an XXE issue to view files.
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
7.2
CVSSv3
CVE-2023-29084
Zoho ManageEngine ADManager Plus prior to 7181 allows for authenticated users to exploit command injection via Proxy settings.
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
1 Github repository
9.8
CVSSv3
CVE-2022-47966
Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache Santuario xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsib...
Zohocorp Manageengine Access Manager Plus 4.3
Zohocorp Manageengine Access Manager Plus
Zohocorp Manageengine Ad360
Zohocorp Manageengine Ad360 4.3
Zohocorp Manageengine Adaudit Plus 7.0
Zohocorp Manageengine Adaudit Plus
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Adselfservice Plus 6.2
Zohocorp Manageengine Adselfservice Plus
Zohocorp Manageengine Analytics Plus
Zohocorp Manageengine Analytics Plus 5.1
Zohocorp Manageengine Assetexplorer 6.9
Zohocorp Manageengine Assetexplorer
Zohocorp Manageengine Key Manager Plus
Zohocorp Manageengine Key Manager Plus 6.4
Zohocorp Manageengine Pam360 5.7
Zohocorp Manageengine Pam360
Zohocorp Manageengine Password Manager Pro
Zohocorp Manageengine Password Manager Pro 12.1
Zohocorp Manageengine Servicedesk Plus
Zohocorp Manageengine Servicedesk Plus 14.0
2 Metasploit modules
6 Github repositories
2 Articles
7.2
CVSSv3
CVE-2022-42904
Zoho ManageEngine ADManager Plus through 7151 allows authenticated admin users to execute the commands in proxy settings.
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
8.8
CVSSv3
CVE-2022-29457
Zoho ManageEngine ADSelfService Plus prior to 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701, and ADManagerPlus 7131 allow NTLM Hash disclosure during certain storage-path configuration steps.
Zohocorp Manageengine Adselfservice Plus 6.1
Zohocorp Manageengine Adselfservice Plus
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Adaudit Plus 7.0.0
Zohocorp Manageengine Adaudit Plus
Zohocorp Manageengine Exchange Reporter Plus 5.7
Zohocorp Manageengine Exchange Reporter Plus
9.8
CVSSv3
CVE-2021-42002
Zoho ManageEngine ADManager Plus prior to 7115 is vulnerable to a filter bypass that leads to file-upload remote code execution.
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
8.8
CVSSv3
CVE-2021-20130
ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the PasswordExpiry interface.
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
8.8
CVSSv3
CVE-2021-20131
ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the Personalization interface.
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
9.8
CVSSv3
CVE-2021-38298
Zoho ManageEngine ADManager Plus prior to 7110 is vulnerable to blind XXE.
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »