Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
manageengine admanager plus vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv3
CVE-2023-35786
Zoho ManageEngine ADManager Plus prior to 7183 allows admin users to exploit an XXE issue to view files.
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
7.2
CVSSv3
CVE-2022-42904
Zoho ManageEngine ADManager Plus through 7151 allows authenticated admin users to execute the commands in proxy settings.
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
5.4
CVSSv3
CVE-2023-41904
Zoho ManageEngine ADManager Plus prior to 7203 allows 2FA bypass (for AuthToken generation) in REST APIs.
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Admanager Plus 7.2
6.5
CVSSv3
CVE-2023-38332
Zoho ManageEngine ADManager Plus through 7201 allow authenticated users to take over another user's account via sensitive information disclosure.
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Admanager Plus 7.2
7.2
CVSSv3
CVE-2023-29084
Zoho ManageEngine ADManager Plus prior to 7181 allows for authenticated users to exploit command injection via Proxy settings.
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
1 Github repository
6.5
CVSSv3
CVE-2023-31492
Zoho ManageEngine ADManager Plus version 7182 and prior disclosed the default passwords for the account restoration of unauthorized domains to the authenticated users.
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
6.1
CVSSv3
CVE-2020-35594
Zoho ManageEngine ADManager Plus prior to 7066 allows XSS.
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Admanager Plus 7.0
9.8
CVSSv3
CVE-2021-42002
Zoho ManageEngine ADManager Plus prior to 7115 is vulnerable to a filter bypass that leads to file-upload remote code execution.
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
8.8
CVSSv3
CVE-2021-20130
ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the PasswordExpiry interface.
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Admanager Plus 7.1
8.8
CVSSv3
CVE-2021-20131
ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the Personalization interface.
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Admanager Plus 7.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »