CVE-2025-11670

Zohocorp ManageEngine ADManager Plus versions before 8025 are vulnerable to NTLM Hash Exposure. This vulnerability is exploitable only by technicians who have the “Impersonate as Admin” option enabled...

CVE-2025-11670

Zohocorp ManageEngine ADManager Plus versions before 8025 are vulnerable to NTLM Hash Exposure. This vulnerability is exploitable only by technicians who have the “Impersonate as Admin” option enabled...

CVE-2025-11670 NTLM Hash Exposure Vulnerability

Zohocorp ManageEngine ADManager Plus versions before 8025 are vulnerable to NTLM Hash Exposure. This vulnerability is exploitable only by technicians who have the “Impersonate as Admin” option enabled...

CVE-2025-11670

CVE-2025-11670 affects Zohocorp ManageEngine ADManager Plus prior to version 8025. The root cause is NTLM Hash Exposure, and exploitation is restricted to technicians who have the Impersonate as Admin option enabled. Public references consistently cite version 8025 as the fixed/target version. No...

EUVD-2025-203359

Zohocorp ManageEngine ADManager Plus versions before 8025 are vulnerable to NTLM Hash Exposure. This vulnerability is exploitable only by technicians who have the “Impersonate as Admin” option enabled...

PT-2025-51214

Name of the Vulnerable Software and Affected Versions ManageEngine ADManager Plus versions prior to 8025 Description The software is susceptible to an NTLM Hash Exposure issue. Exploitation of this issue is limited to technicians with the “Impersonate as Admin” option enabled. Recommendations...

ZOHO ManageEngine Applications Manager Command Injection Vulnerability

ZOHO ManageEngine Applications Manager is a set of IT operation and maintenance management solutions of the United States ZhuoHao ZOHO company. The product has application performance management, fault management, report generation and SLA management and other functions. A command injection...

ZOHO ManageEngine Exchange reporter Plus Cross-Site Scripting Vulnerability

ZOHO ManageEngine Exchange reporter Plus is a Web-based Microsoft Exchange reporting, auditing and monitoring software from ZOHO. A cross-site scripting vulnerability exists in ZOHO ManageEngine Exchange reporter Plus, which can be exploited by an attacker to create privileged accounts and gain...

ZOHO ManageEngine Exchange reporter Plus cross-site scripting vulnerability (CNVD-2025-29920)

ZOHO ManageEngine Exchange reporter Plus is a Web-based Microsoft Exchange reporting, auditing and monitoring software from ZOHO. A cross-site scripting vulnerability exists in Zoho ManageEngine Exchange Reporter Plus, which can be exploited by an attacker to create privileged accounts and gain...

ZOHO ManageEngine Exchange reporter Plus cross-site scripting vulnerability (CNVD-2025-29921)

ZOHO ManageEngine Exchange reporter Plus is a Web-based Microsoft Exchange reporting, auditing and monitoring software from ZOHO. A cross-site scripting vulnerability exists in ZOHO ManageEngine Exchange reporter Plus, which can be exploited by an attacker to create privileged accounts within the...

ZOHO ManageEngine OpManager Cross-Site Scripting Vulnerability (CNVD-2025-29925)

ZOHO ManageEngine OpManager is a comprehensive network monitoring software from ZOHO. It is used to manage routers, firewalls, servers, switches and printers. A cross-site scripting vulnerability exists in ZOHO ManageEngine OpManager, no detailed vulnerability details are available at this time...

ZOHO ManageEngine Analytics Plus SQL Injection Vulnerability

ZOHO ManageEngine Analytics Plus is a self-service IT analytics solution from ZOHO. Get a better view of your IT data with rich visualizations and dashboards. A SQL injection vulnerability exists in ZOHO ManageEngine Analytics Plus. An attacker can use this vulnerability to view, add, modify, or...

CVE-2025-9227

Zohocorp ManageEngine OpManager versions 128609 and below are vulnerable to Stored XSS Vulnerability in the SNMP trap processor...

CVE-2025-9223

Zohocorp ManageEngine Applications Manager versions 178100 and below are vulnerable to authenticated command injection vulnerability due to the improper configuration in the execute program action feature...

CVE-2025-8324

Zohocorp ManageEngine Analytics Plus versions 6170 and below are vulnerable to Unauthenticated SQL Injection due to the improper filter configuration...

CVE-2025-7430

Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Folder Message Count and Size report...

CVE-2025-7633

Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Custom report...

CVE-2025-7429

Zohocorp ManageEngine Exchange Reporter Plus versions 5723 and below are vulnerable to the Stored XSS Vulnerability in the Mails Deleted or Moved report...

EUVD-2025-84349

Zohocorp ManageEngine Applications Manager versions 178100 and below are vulnerable to authenticated command injection vulnerability due to the improper configuration in the execute program action feature...

EUVD-2025-84348

Zohocorp ManageEngine OpManager versions 128609 and below are vulnerable to Stored XSS Vulnerability in the SNMP trap processor...