Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zohocorp manageengine adselfservice plus vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-37416
Zoho ManageEngine ADSelfService Plus version 6103 and prior is vulnerable to reflected XSS on the loadframe page.
Zohocorp Manageengine Adselfservice Plus
Zohocorp Manageengine Adselfservice Plus 6.1
4.3
CVSSv2
CVE-2021-31874
Zoho ManageEngine ADSelfService Plus prior to 6104, in rare situations, allows malicious users to obtain sensitive information about the password-sync database application.
Zohocorp Manageengine Adselfservice Plus
Zohocorp Manageengine Adselfservice Plus 6.1
4.3
CVSSv2
CVE-2021-27956
Zoho ManageEngine ADSelfService Plus prior to 6104 allows stored XSS on the /webclient/index.html#/directory-search user search page via the e-mail address field.
Zohocorp Manageengine Adselfservice Plus
Zohocorp Manageengine Adselfservice Plus 6.1
4.3
CVSSv2
CVE-2021-27214
A Server-side request forgery (SSRF) vulnerability in the ProductConfig servlet in Zoho ManageEngine ADSelfService Plus through 6013 allows a remote unauthenticated malicious user to perform blind HTTP requests or perform a Cross-site scripting (XSS) attack against the administra...
Zohocorp Manageengine Adselfservice Plus 6.0
4.3
CVSSv2
CVE-2019-8346
In Zoho ManageEngine ADSelfService Plus 5.x through 5704, an authorization.do cross-site Scripting (XSS) vulnerability allows for an unauthenticated manipulation of the JavaScript code by injecting the HTTP form parameter adscsrf. An attacker can use this to capture a user's...
Zohocorp Manageengine Adselfservice Plus 5.0
Zohocorp Manageengine Adselfservice Plus 5.1
Zohocorp Manageengine Adselfservice Plus 5.2
Zohocorp Manageengine Adselfservice Plus 5.3
Zohocorp Manageengine Adselfservice Plus 5.4
Zohocorp Manageengine Adselfservice Plus 5.5
Zohocorp Manageengine Adselfservice Plus 5.7
Zohocorp Manageengine Adselfservice Plus 5.6
4.3
CVSSv2
CVE-2019-11511
Zoho ManageEngine ADSelfService Plus before build 5708 has XSS via the mobile app API.
Zohocorp Manageengine Adselfservice Plus 5.7
4.3
CVSSv2
CVE-2018-20484
Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the self-update layout implementation.
Zohocorp Manageengine Adselfservice Plus 5.7
1 EDB exploit
4.3
CVSSv2
CVE-2018-20485
Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the employee search feature.
Zohocorp Manageengine Adselfservice Plus 4.5
Zohocorp Manageengine Adselfservice Plus 5.0
Zohocorp Manageengine Adselfservice Plus 5.1
Zohocorp Manageengine Adselfservice Plus 5.2
Zohocorp Manageengine Adselfservice Plus 5.3
Zohocorp Manageengine Adselfservice Plus 5.5
Zohocorp Manageengine Adselfservice Plus 5.6
Zohocorp Manageengine Adselfservice Plus 5.7
Zohocorp Manageengine Adselfservice Plus 5.4
1 EDB exploit
4.3
CVSSv2
CVE-2014-3779
Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine ADSelfService Plus prior to 5.2 Build 5202 allows remote malicious users to inject arbitrary web script or HTML via the name parameter to GroupSubscription.do.
Zohocorp Manageengine Adselfservice Plus
4.3
CVSSv2
CVE-2011-5105
Multiple cross-site scripting (XSS) vulnerabilities in EmployeeSearch.cc in ZOHO ManageEngine ADSelfService Plus 4.5 Build 4521 allow remote malicious users to inject arbitrary web script or HTML via the (1) searchType and (2) searchString parameters, a different vulnerability th...
Zohocorp Manageengine Adselfservice Plus 4.5
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »