Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
manageengine adselfservice plus vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-3779
Cross-site scripting (XSS) vulnerability in ZOHO ManageEngine ADSelfService Plus prior to 5.2 Build 5202 allows remote malicious users to inject arbitrary web script or HTML via the name parameter to GroupSubscription.do.
Zohocorp Manageengine Adselfservice Plus
NA
CVE-2010-3274
Multiple cross-site scripting (XSS) vulnerabilities in EmployeeSearch.cc in the Employee Search Engine in ZOHO ManageEngine ADSelfService Plus prior to 4.5 Build 4500 allow remote malicious users to inject arbitrary web script or HTML via the searchString parameter in a (1) showL...
Zohocorp Manageengine Adselfservice Plus
1 EDB exploit
9.8
CVSSv3
CVE-2018-20664
Zoho ManageEngine ADSelfService Plus 5.x before build 5701 has XXE via an uploaded product license.
Zohocorp Manageengine Adselfservice Plus 5.7
NA
CVE-2011-5105
Multiple cross-site scripting (XSS) vulnerabilities in EmployeeSearch.cc in ZOHO ManageEngine ADSelfService Plus 4.5 Build 4521 allow remote malicious users to inject arbitrary web script or HTML via the (1) searchType and (2) searchString parameters, a different vulnerability th...
Zohocorp Manageengine Adselfservice Plus 4.5
1 EDB exploit
6.8
CVSSv3
CVE-2023-35719
ManageEngine ADSelfService Plus GINA Client Insufficient Verification of Data Authenticity Authentication Bypass Vulnerability. This vulnerability allows physically present malicious users to execute arbitrary code on affected installations of ManageEngine ADSelfService Plus. Aut...
Zohocorp Manageengine Adselfservice Plus 6.1
6.1
CVSSv3
CVE-2021-27214
A Server-side request forgery (SSRF) vulnerability in the ProductConfig servlet in Zoho ManageEngine ADSelfService Plus through 6013 allows a remote unauthenticated malicious user to perform blind HTTP requests or perform a Cross-site scripting (XSS) attack against the administra...
Zohocorp Manageengine Adselfservice Plus 6.0
6.1
CVSSv3
CVE-2018-20484
Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the self-update layout implementation.
Zohocorp Manageengine Adselfservice Plus 5.7
1 EDB exploit
9.1
CVSSv3
CVE-2019-7162
An issue exists in Zoho ManageEngine ADSelfService Plus 5.6 Build 5607. An exposed service allows an unauthenticated person to retrieve internal information from the system and modify the product installation.
Zohocorp Manageengine Adselfservice Plus 5.6
8.8
CVSSv3
CVE-2021-33256
A CSV injection vulnerability on the login panel of ManageEngine ADSelfService Plus Version: 6.1 Build No: 6101 can be exploited by an unauthenticated user. The j_username parameter seems to be vulnerable and a reverse shell could be obtained if a privileged user exports "Us...
Zohocorp Manageengine Adselfservice Plus 6.1
6.1
CVSSv3
CVE-2019-11511
Zoho ManageEngine ADSelfService Plus before build 5708 has XSS via the mobile app API.
Zohocorp Manageengine Adselfservice Plus 5.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »