Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
manageengine vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2021-37927
Zoho ManageEngine ADManager Plus version 7110 and prior allows account takeover via SSO.
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
668
VMScore
CVE-2021-37424
ManageEngine ADSelfService Plus prior to 6112 is vulnerable to domain user account takeover.
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Admanager Plus 6.1
668
VMScore
CVE-2021-28960
Zoho ManageEngine Desktop Central before build 10.0.683 allows unauthenticated command injection due to improper handling of an input command in on-demand operations.
Manageengine Desktop Central
668
VMScore
CVE-2021-37422
Zoho ManageEngine ADSelfService Plus 6111 and prior is vulnerable to SQL Injection while linking the databases.
Zohocorp Manageengine Adselfservice Plus 6.1
Zohocorp Manageengine Adselfservice Plus
668
VMScore
CVE-2021-37423
Zoho ManageEngine ADSelfService Plus 6111 and prior is vulnerable to linked applications takeover.
Zohocorp Manageengine Adselfservice Plus 6.1
Zohocorp Manageengine Adselfservice Plus
668
VMScore
CVE-2021-40539
Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.
Zohocorp Manageengine Adselfservice Plus 5.7
Zohocorp Manageengine Adselfservice Plus 5.0
Zohocorp Manageengine Adselfservice Plus 5.1
Zohocorp Manageengine Adselfservice Plus 5.2
Zohocorp Manageengine Adselfservice Plus 5.3
Zohocorp Manageengine Adselfservice Plus 5.4
Zohocorp Manageengine Adselfservice Plus 5.5
Zohocorp Manageengine Adselfservice Plus 5.6
Zohocorp Manageengine Adselfservice Plus 4.5
Zohocorp Manageengine Adselfservice Plus 5.8
Zohocorp Manageengine Adselfservice Plus 6.0
Zohocorp Manageengine Adselfservice Plus 6.1
Zohocorp Manageengine Adselfservice Plus 5.0.6
2 Github repositories
4 Articles
668
VMScore
CVE-2021-37415
Zoho ManageEngine ServiceDesk Plus prior to 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without authentication.
Zohocorp Manageengine Servicedesk Plus 11.1
Zohocorp Manageengine Servicedesk Plus 11.0
Zohocorp Manageengine Servicedesk Plus 11.2
Zohocorp Manageengine Servicedesk Plus 11.3
668
VMScore
CVE-2021-37421
Zoho ManageEngine ADSelfService Plus 6103 and prior is vulnerable to admin portal access-restriction bypass.
Zohocorp Manageengine Adselfservice Plus 6.1
Zohocorp Manageengine Adselfservice Plus
668
VMScore
CVE-2021-40175
Zoho ManageEngine Log360 before Build 5219 allows unrestricted file upload with resultant remote code execution.
Zohocorp Manageengine Log360 5.2
Zohocorp Manageengine Log360
668
VMScore
CVE-2021-40177
Zoho ManageEngine Log360 before Build 5225 allows remote code execution via BCP file overwrite.
Zohocorp Manageengine Log360 5.2
Zohocorp Manageengine Log360
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »