Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
password manager vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-5459
SQL injection vulnerability in the AdvanceSearch.class in AdventNetPassTrix.jar in ManageEngine Password Manager Pro (PMP) prior to 8.1 Build 8101 allows remote authenticated users to execute arbitrary SQL commands via the ANDOR parameter, as demonstrated by a request to STATE_ID...
Zohocorp Manageengine Password Manager Pro
NA
CVE-2014-8498
SQL injection vulnerability in BulkEditSearchResult.cc in ManageEngine Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition prior to 7.1 build 7105 allows remote authenticated users to execute arbitrary SQL commands via the SEARCH_ALL parame...
Zohocorp Manageengine Password Manager Pro
1 EDB exploit
6.1
CVSSv3
CVE-2019-13380
KEYNTO Team Password Manager 1.5.0 allows XSS because data saved from websites is mishandled in the online vault.
Keynto Team Password Manager 1.5.0
NA
CVE-2004-1902
The Citrix MetaFrame Password Manager 2.0, when a central credential store is not configured, does not encrypt passwords entered immediately after executing the First Time User Wizards, which allows local users to gain sensitive information.
Citrix Metaframe Password Manager 2.0
6.1
CVSSv3
CVE-2020-27449
Cross Site Scripting (XSS) vulnerability in Query Report feature in Zoho ManageEngine Password Manager Pro version 11001, allows remote malicious users to execute arbitrary code and steal cookies via crafted JavaScript payload.
Zohocorp Manageengine Password Manager Pro 11.1
6.1
CVSSv3
CVE-2022-36664
Password Manager for IIS 2.0 has a cross-site scripting (XSS) vulnerability via the /isapi/PasswordManager.dll ResultURL parameter.
Adiscon Password Manager For Iis 2.0
7.8
CVSSv3
CVE-2023-25428
A DLL Hijacking issue discovered in Soft-o Free Password Manager 1.1.20 allows malicious users to create arbitrary DLLs leading to code execution.
Soft-o Free Password Manager 1.1.20
NA
CVE-2013-6246
The Dell Quest One Password Manager, possibly 5.0, allows remote malicious users to bypass CAPTCHA protections and obtain sensitive information (user's full name) by sending a login request with a valid domain and username but without the CaptchaType, UseCaptchaEveryTime, an...
Dell Quest One Password Manager 5.0
1 EDB exploit
9.8
CVSSv3
CVE-2022-47523
Zoho ManageEngine Access Manager Plus prior to 4309, Password Manager Pro prior to 12210, and PAM360 prior to 5801 are vulnerable to SQL Injection.
Zohocorp Manageengine Password Manager Pro
Zohocorp Manageengine Password Manager Pro 12.2
Zohocorp Manageengine Pam360
Zohocorp Manageengine Pam360 5.8
Zohocorp Manageengine Access Manager Plus 4.3
Zohocorp Manageengine Access Manager Plus
9.8
CVSSv3
CVE-2022-35405
Zoho ManageEngine Password Manager Pro prior to 12101 and PAM360 prior to 5510 are vulnerable to unauthenticated remote code execution. (This also affects ManageEngine Access Manager Plus prior to 4303 with authentication.)
Zohocorp Manageengine Access Manager Plus 4.3
Zohocorp Manageengine Access Manager Plus
Zohocorp Manageengine Password Manager Pro
Zohocorp Manageengine Password Manager Pro 12.1
Zohocorp Manageengine Pam360
Zohocorp Manageengine Pam360 5.5
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5274
CVE-2024-35388
CVE-2024-35396
elevation of privilege
CVE-2021-47544
file upload
CVE-2021-47545
memory leak
CVE-2024-4956
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »