Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
admanager vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-37424
ManageEngine ADSelfService Plus prior to 6112 is vulnerable to domain user account takeover.
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Admanager Plus 6.1
9.8
CVSSv3
CVE-2021-37539
Zoho ManageEngine ADManager Plus prior to 7111 is vulnerable to unrestricted file which leads to Remote code execution.
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Admanager Plus 7.1
7.5
CVSSv3
CVE-2021-37419
Zoho ManageEngine ADSelfService Plus prior to 6112 is vulnerable to SSRF.
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Admanager Plus 6.1
5.4
CVSSv3
CVE-2023-41904
Zoho ManageEngine ADManager Plus prior to 7203 allows 2FA bypass (for AuthToken generation) in REST APIs.
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Admanager Plus 7.2
9.8
CVSSv3
CVE-2021-38298
Zoho ManageEngine ADManager Plus prior to 7110 is vulnerable to blind XXE.
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Admanager Plus 7.1
NA
CVE-2008-5596
Ikon AdManager 2.1 and previous versions stores sensitive information under the web root with insufficient access control, which allows remote malicious users to download the database file via a direct request for ikonBAnner_AdManager.mdb.
Dotnetindex Ikon Admanager
1 EDB exploit
NA
CVE-2008-6261
SQL injection vulnerability in view.php in E-topbiz AdManager 4 allows remote malicious users to execute arbitrary SQL commands via the group parameter.
E-topbiz Admanager 4.0
1 EDB exploit
NA
CVE-2015-1026
Multiple cross-site scripting (XSS) vulnerabilities in ZOHO ManageEngine ADManager Plus prior to 6.2 Build 6270 allow remote malicious users to inject arbitrary web script or HTML via the (1) technicianSearchText parameter to the Help Desk Technician page or (2) rolesSearchText p...
Zohocorp Manageengine Admanager Plus
NA
CVE-2012-1049
Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ADManager Plus 5.2 Build 5210 allow remote malicious users to inject arbitrary web script or HTML via the (1) domainName parameter to jsp/AddDC.jsp or (2) operation parameter to DomainConfig.do.
Manageengine Admanager Plus 5.2
2 EDB exploits
8.8
CVSSv3
CVE-2017-17552
/LoadFrame in Zoho ManageEngine AD Manager Plus build 6590 - 6613 allows malicious users to conduct URL Redirection attacks via the src parameter, resulting in a bypass of CSRF protection, or potentially masquerading a malicious URL as trusted.
Zohocorp Manageengine Admanager Plus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »