Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
admanager plus vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2022-42904
Zoho ManageEngine ADManager Plus through 7151 allows authenticated admin users to execute the commands in proxy settings.
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
6.1
CVSSv3
CVE-2021-36771
Zoho ManageEngine ADManager Plus prior to 7110 allows reflected XSS.
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Admanager Plus 7.1
8.8
CVSSv3
CVE-2021-20130
ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the PasswordExpiry interface.
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Admanager Plus 7.1
8.8
CVSSv3
CVE-2021-20131
ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the Personalization interface.
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Admanager Plus 7.1
8.8
CVSSv3
CVE-2021-37741
ManageEngine ADManager Plus prior to 7111 has Pre-authentication RCE vulnerabilities.
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
7.2
CVSSv3
CVE-2023-38743
Zoho ManageEngine ADManager Plus before Build 7200 allows admin users to execute commands on the host machine.
Zohocorp Manageengine Admanager Plus
1 Github repository
4.9
CVSSv3
CVE-2023-39912
Zoho ManageEngine ADManager Plus prior to 7203 allows Help Desk Technician users to read arbitrary files on the machine where this product is installed.
Zohocorp Manageengine Admanager Plus
NA
CVE-2015-1026
Multiple cross-site scripting (XSS) vulnerabilities in ZOHO ManageEngine ADManager Plus prior to 6.2 Build 6270 allow remote malicious users to inject arbitrary web script or HTML via the (1) technicianSearchText parameter to the Help Desk Technician page or (2) rolesSearchText p...
Zohocorp Manageengine Admanager Plus
8.8
CVSSv3
CVE-2017-17552
/LoadFrame in Zoho ManageEngine AD Manager Plus build 6590 - 6613 allows malicious users to conduct URL Redirection attacks via the src parameter, resulting in a bypass of CSRF protection, or potentially masquerading a malicious URL as trusted.
Zohocorp Manageengine Admanager Plus
6.1
CVSSv3
CVE-2018-15608
Zoho ManageEngine ADManager Plus 6.5.7 allows HTML Injection on the "AD Delegation" "Help Desk Technicians" screen.
Manageengine Admanager Plus 6.5.7
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »