Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
password manager vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2014-8498
SQL injection vulnerability in BulkEditSearchResult.cc in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition prior to 7.1 build 7105 allows remote authenticated users to execute arbitrary SQL commands via the SEARCH_ALL parame...
Zohocorp Manageengine Password Manager Pro
1 EDB exploit
6.4
CVSSv2
CVE-2006-5161
IBM Client Security Password Manager stores and distributes saved passwords based upon the title of a website, which allows remote malicious users to obtain username and password credentials by changing the title of an HTML page.
Ibm Client Security Password Manager
4.3
CVSSv2
CVE-2019-12880
BCN Quark Quarking Password Manager 3.1.84 suffers from a clickjacking vulnerability caused by allowing * within web_accessible_resources. An attacker can take advantage of this vulnerability and cause significant harm.
Bcnquark Quarking Password Manager 3.1.84
4.3
CVSSv2
CVE-2017-17698
Zoho ManageEngine Password Manager Pro 9 prior to 9.4 (9400) has reflected XSS in SearchResult.ec and BulkAccessControlView.ec.
Zohocorp Manageengine Password Manager Pro
1 Github repository
NA
CVE-2023-25428
A DLL Hijacking issue discovered in Soft-o Free Password Manager 1.1.20 allows malicious users to create arbitrary DLLs leading to code execution.
Soft-o Free Password Manager 1.1.20
NA
CVE-2022-36664
Password Manager for IIS 2.0 has a cross-site scripting (XSS) vulnerability via the /isapi/PasswordManager.dll ResultURL parameter.
Adiscon Password Manager For Iis 2.0
NA
CVE-2020-27449
Cross Site Scripting (XSS) vulnerability in Query Report feature in Zoho ManageEngine Password Manager Pro version 11001, allows remote malicious users to execute arbitrary code and steal cookies via crafted JavaScript payload.
Zohocorp Manageengine Password Manager Pro 11.1
5
CVSSv2
CVE-2013-6246
The Dell Quest One Password Manager, possibly 5.0, allows remote malicious users to bypass CAPTCHA protections and obtain sensitive information (user's full name) by sending a login request with a valid domain and username but without the CaptchaType, UseCaptchaEveryTime, an...
Dell Quest One Password Manager 5.0
1 EDB exploit
NA
CVE-2022-35405
Zoho ManageEngine Password Manager Pro prior to 12101 and PAM360 prior to 5510 are vulnerable to unauthenticated remote code execution. (This also affects ManageEngine Access Manager Plus prior to 4303 with authentication.)
Zohocorp Manageengine Access Manager Plus 4.3
Zohocorp Manageengine Access Manager Plus
Zohocorp Manageengine Password Manager Pro
Zohocorp Manageengine Password Manager Pro 12.1
Zohocorp Manageengine Pam360
Zohocorp Manageengine Pam360 5.5
1 Github repository
NA
CVE-2022-47523
Zoho ManageEngine Access Manager Plus prior to 4309, Password Manager Pro prior to 12210, and PAM360 prior to 5801 are vulnerable to SQL Injection.
Zohocorp Manageengine Password Manager Pro
Zohocorp Manageengine Password Manager Pro 12.2
Zohocorp Manageengine Pam360
Zohocorp Manageengine Pam360 5.8
Zohocorp Manageengine Access Manager Plus 4.3
Zohocorp Manageengine Access Manager Plus
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »