Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Manageengine Admanager Plus Security Vulnerabilities

cve
cve

CVE-2023-41904

Zoho ManageEngine ADManager Plus before 7203 allows 2FA bypass (for AuthToken generation) in REST...

5.4CVSS

6.8AI Score

0.014EPSS

2023-09-27 03:19 PM
2085
cve
cve

CVE-2023-38743

Zoho ManageEngine ADManager Plus before Build 7200 allows admin users to execute commands on the host...

7.2CVSS

7.2AI Score

0.001EPSS

2023-09-11 07:15 PM
23
cve
cve

CVE-2023-39912

Zoho ManageEngine ADManager Plus before 7203 allows Help Desk Technician users to read arbitrary files on the machine where this product is...

4.9CVSS

5AI Score

0.001EPSS

2023-08-31 11:15 PM
27
cve
cve

CVE-2023-31492

Zoho ManageEngine ADManager Plus version 7182 and prior disclosed the default passwords for the account restoration of unauthorized domains to the authenticated...

6.5CVSS

6.4AI Score

0.001EPSS

2023-08-17 11:15 PM
37
cve
cve

CVE-2023-38332

Zoho ManageEngine ADManager Plus through 7201 allow authenticated users to take over another user's account via sensitive information...

6.5CVSS

6.1AI Score

0.0005EPSS

2023-08-04 06:15 PM
26
cve
cve

CVE-2023-35786

Zoho ManageEngine ADManager Plus before 7183 allows admin users to exploit an XXE issue to view...

4.9CVSS

5.1AI Score

0.001EPSS

2023-07-05 06:15 AM
15
cve
cve

CVE-2023-29084

Zoho ManageEngine ADManager Plus before 7181 allows for authenticated users to exploit command injection via Proxy...

7.2CVSS

7.2AI Score

0.371EPSS

2023-04-13 07:15 PM
240
2
cve
cve

CVE-2022-42904

Zoho ManageEngine ADManager Plus through 7151 allows authenticated admin users to execute the commands in proxy...

7.2CVSS

7AI Score

0.001EPSS

2022-11-18 09:15 PM
34
3
cve
cve

CVE-2022-29457

Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701, and ADManagerPlus 7131 allow NTLM Hash disclosure during certain storage-path configuration...

8.8CVSS

8.6AI Score

0.019EPSS

2022-04-18 08:15 PM
96
cve
cve

CVE-2021-42002

Zoho ManageEngine ADManager Plus before 7115 is vulnerable to a filter bypass that leads to file-upload remote code...

9.8CVSS

9.6AI Score

0.004EPSS

2021-11-11 05:15 AM
30
cve
cve

CVE-2021-20130

ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the PasswordExpiry...

8.8CVSS

8.9AI Score

0.038EPSS

2021-10-13 06:15 PM
28
cve
cve

CVE-2021-20131

ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the Personalization...

8.8CVSS

8.9AI Score

0.038EPSS

2021-10-13 06:15 PM
25
cve
cve

CVE-2021-38298

Zoho ManageEngine ADManager Plus before 7110 is vulnerable to blind...

9.8CVSS

9.3AI Score

0.005EPSS

2021-10-07 10:15 PM
24
cve
cve

CVE-2021-37920

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code...

9.8CVSS

9.8AI Score

0.008EPSS

2021-10-07 04:15 PM
21
cve
cve

CVE-2021-37924

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code...

9.8CVSS

9.7AI Score

0.008EPSS

2021-10-07 04:15 PM
20
cve
cve

CVE-2021-37928

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code...

9.8CVSS

9.7AI Score

0.008EPSS

2021-10-07 04:15 PM
33
cve
cve

CVE-2021-37762

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file overwrite leading to remote code...

9.8CVSS

9.7AI Score

0.007EPSS

2021-10-07 04:15 PM
38
cve
cve

CVE-2021-37923

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code...

9.8CVSS

9.8AI Score

0.008EPSS

2021-10-07 04:15 PM
16
cve
cve

CVE-2021-37926

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code...

9.8CVSS

9.8AI Score

0.008EPSS

2021-10-07 04:15 PM
32
cve
cve

CVE-2021-37929

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code...

9.8CVSS

9.7AI Score

0.008EPSS

2021-10-07 04:15 PM
34
cve
cve

CVE-2021-37918

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code...

9.8CVSS

9.8AI Score

0.008EPSS

2021-10-07 04:15 PM
31
cve
cve

CVE-2021-37931

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code...

9.8CVSS

9.8AI Score

0.008EPSS

2021-10-07 04:15 PM
34
cve
cve

CVE-2021-37930

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code...

9.8CVSS

9.7AI Score

0.008EPSS

2021-10-07 04:15 PM
32
cve
cve

CVE-2021-37921

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code...

9.8CVSS

9.8AI Score

0.008EPSS

2021-10-07 04:15 PM
18
cve
cve

CVE-2021-37922

Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to path traversal which allows copying of files from one directory to...

5.3CVSS

5.3AI Score

0.002EPSS

2021-10-07 04:15 PM
37
cve
cve

CVE-2021-37919

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code...

9.8CVSS

9.8AI Score

0.008EPSS

2021-10-07 04:15 PM
19
cve
cve

CVE-2021-37761

Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to unrestricted file upload, leading to remote code...

9.8CVSS

9.7AI Score

0.008EPSS

2021-09-27 05:15 PM
40
cve
cve

CVE-2021-37539

Zoho ManageEngine ADManager Plus before 7111 is vulnerable to unrestricted file which leads to Remote code...

9.8CVSS

9.6AI Score

0.007EPSS

2021-09-27 03:15 PM
40
cve
cve

CVE-2021-37927

Zoho ManageEngine ADManager Plus version 7110 and prior allows account takeover via...

9.8CVSS

9.4AI Score

0.002EPSS

2021-09-22 02:15 PM
27
cve
cve

CVE-2021-37925

Zoho ManageEngine ADManager Plus version 7110 and prior has a Post-Auth OS command injection...

9.8CVSS

9.7AI Score

0.003EPSS

2021-09-22 02:15 PM
23
cve
cve

CVE-2021-37420

Zoho ManageEngine ADSelfService Plus before 6112 is vulnerable to mail...

6.5CVSS

6.4AI Score

0.002EPSS

2021-09-21 01:15 PM
32
cve
cve

CVE-2021-37419

Zoho ManageEngine ADSelfService Plus before 6112 is vulnerable to...

7.5CVSS

7.5AI Score

0.002EPSS

2021-09-21 01:15 PM
33
cve
cve

CVE-2021-37741

ManageEngine ADManager Plus before 7111 has Pre-authentication RCE...

8.8CVSS

8.7AI Score

0.001EPSS

2021-09-21 01:15 PM
38
cve
cve

CVE-2021-37424

ManageEngine ADSelfService Plus before 6112 is vulnerable to domain user account...

9.8CVSS

9.3AI Score

0.005EPSS

2021-09-21 01:15 PM
22
cve
cve

CVE-2021-36771

Zoho ManageEngine ADManager Plus before 7110 allows reflected...

6.1CVSS

6.2AI Score

0.001EPSS

2021-07-17 07:15 PM
67
8
cve
cve

CVE-2021-36772

Zoho ManageEngine ADManager Plus before 7110 allows stored...

6.1CVSS

6.2AI Score

0.001EPSS

2021-07-17 07:15 PM
65
8
cve
cve

CVE-2021-33911

Zoho ManageEngine ADManager Plus before 7110 allows remote code...

9.8CVSS

9.8AI Score

0.005EPSS

2021-07-17 07:15 PM
75
8
cve
cve

CVE-2020-35594

Zoho ManageEngine ADManager Plus before 7066 allows...

6.1CVSS

7.4AI Score

0.001EPSS

2021-03-05 05:15 PM
26
2
cve
cve

CVE-2020-24786

An issue was discovered in Zoho ManageEngine Exchange Reporter Plus before build number 5510, AD360 before build number 4228, ADSelfService Plus before build number 5817, DataSecurity Plus before build number 6033, RecoverManager Plus before build number 6017, EventLog Analyzer before build number....

9.8CVSS

7.5AI Score

0.014EPSS

2020-08-31 03:15 PM
32
cve
cve

CVE-2019-12876

Zoho ManageEngine ADManager Plus 6.6.5, ADSelfService Plus 5.7, and DesktopCentral 10.0.380 have Insecure Permissions, leading to Privilege Escalation from low level privileges to...

7.3CVSS

7.4AI Score

0.001EPSS

2019-07-17 08:15 PM
34
cve
cve

CVE-2018-19374

Zoho ManageEngine ADManager Plus 6.6 Build 6657 allows local users to gain privileges (after a reboot) by placing a Trojan horse file into the permissive bin...

7CVSS

6.8AI Score

0.001EPSS

2019-04-30 06:29 PM
43
cve
cve

CVE-2018-15740

Zoho ManageEngine ADManager Plus 6.5.7 has XSS on the "Workflow Delegation" "Requester Roles"...

6.1CVSS

6.2AI Score

0.002EPSS

2018-08-28 07:29 PM
24
cve
cve

CVE-2017-17552

/LoadFrame in Zoho ManageEngine AD Manager Plus build 6590 - 6613 allows attackers to conduct URL Redirection attacks via the src parameter, resulting in a bypass of CSRF protection, or potentially masquerading a malicious URL as...

8.8CVSS

6.8AI Score

0.001EPSS

2018-02-07 05:29 PM
25
cve
cve

CVE-2015-1026

Multiple cross-site scripting (XSS) vulnerabilities in ZOHO ManageEngine ADManager Plus before 6.2 Build 6270 allow remote attackers to inject arbitrary web script or HTML via the (1) technicianSearchText parameter to the Help Desk Technician page or (2) rolesSearchText parameter to the Help Desk.....

5.8AI Score

0.002EPSS

2015-03-11 02:59 PM
23
cve
cve

CVE-2010-5050

Cross-site scripting (XSS) vulnerability in jsp/admin/tools/remote_share.jsp in ManageEngine ADManager Plus 4.4.0 allows remote attackers to inject arbitrary web script or HTML via the computerName parameter. NOTE: the provenance of this information is unknown; the details are obtained solely...

5.7AI Score

0.003EPSS

2011-11-23 01:55 AM
25