427 matches found
CVE-2024-48878
Zohocorp ManageEngine ADManager Plus versions 7241 and prior are vulnerable to SQL Injection in Archived Audit Report...
CVE-2024-48878
CVE-2024-48878 concerns Zohocorp ManageEngine ADManager Plus, specifically versions 7241 and earlier. Public sources describe an SQL Injection vulnerability in the Archived Audit Report component. The CVE entries and connected feeds consistently identify this affected product and the root cause a...
CVE-2024-48878 SQL Injection
Zohocorp ManageEngine ADManager Plus versions 7241 and prior are vulnerable to SQL Injection in Archived Audit Report...
CVE-2024-48878 SQL Injection
Zohocorp ManageEngine ADManager Plus versions 7241 and prior are vulnerable to SQL Injection in Archived Audit Report...
ZOHO ManageEngine ADManager Plus 安全漏洞
ZOHO ManageEngine ADManager Plus is a suite of Microsoft Active Directory management software from ZOHO, Inc. designed for enterprise users using Windows domains. The software assists AD administrators and helpdesk technicians with day-to-day administrative tasks, such as batch management of user...
PT-2024-33254 · Zohocorp · Zoho Manageengine Admanager Plus
Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine ADManager Plus versions 7241 and prior Description: The issue is related to SQL Injection in the Archived Audit Report. This allows for potential exploitation. Recommendations: For versions 7241 and prior, update to a...
ZOHO ManageEngine ADManager Plus 权限许可和访问控制问题漏洞
ZOHO ManageEngine ADManager Plus is a suite of Microsoft Active Directory management software from ZOHO, Inc. designed for enterprise users using Windows domains. The software assists AD administrators and helpdesk technicians with day-to-day administrative tasks, such as batch management of user...
ManageEngine ADManager 7183 Password Hash Disclosure
============================================================================================================================================= | Title : ManageEngine ADManager 7183 Password Hash Disclosure Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla...
VulnCheck KEV: CVE-2023-38743
Zoho ManageEngine ADManager Plus before Build 7200 allows admin users to execute commands on the host machine...
PT-2024-20388 · Zoho · Zoho Manageengine Admanager Plus
Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine ADManager Plus versions 7203 and prior Description: The issue is related to a Privilege Escalation vulnerability in the Modify Computers option. This vulnerability allows for improper privilege management, which can lead...
ManageEngine ADManager Plus Build < 7183 - Recovery Password Disclosure Exploit
Exploit Title: ManageEngine ADManager Plus Build 7183 - Recovery Password Disclosure Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/ad-manager/ Details:...
ManageEngine ADManager Plus Build < 7183 - Recovery Password Disclosure
Exploit Title: ManageEngine ADManager Plus Build 7183 - Recovery Password Disclosure Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/ad-manager/ Details:...
ManageEngine ADManager Plus Recovery Password Disclosure
Exploit Title: ManageEngine ADManager Plus Build 7183 - Recovery Password Disclosure Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/ad-manager/ Details:...
The vulnerability of the Zoho ManageEngine ADManager Plus software for managing Active Directory services arises from incorrect restrictions on the path to the restricted access directory. This allows attackers to gain unauthorized access to confidential information.
The vulnerability of the Zoho ManageEngine ADManager Plus software for managing Active Directory services is related to an incorrect limitation on the path to the restricted access directory. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to confidential...
The vulnerability of the ChangePasswordAction function in the Active Directory management software Zoho ManageEngine ADManager Plus, related to errors in processing the invoked URL address, allows a malicious actor to execute arbitrary code.
The vulnerability of the ChangePasswordAction function in the Zoho ManageEngine ADManager Plus software exists due to the lack of measures taken to neutralize special elements used in the operating system command. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...
Exploit for CVE-2023-38743
CVE-2023-38743 ManageEngine ADManager Comma...
CVE-2023-41904
Zoho ManageEngine ADManager Plus before 7203 allows 2FA bypass for AuthToken generation in REST APIs...
CVE-2023-41904
Zoho ManageEngine ADManager Plus before 7203 allows 2FA bypass for AuthToken generation in REST APIs...
CVE-2023-41904
Zoho ManageEngine ADManager Plus before 7203 allows 2FA bypass for AuthToken generation in REST APIs...
Authentication flaw
Zoho ManageEngine ADManager Plus before 7203 allows 2FA bypass for AuthToken generation in REST APIs...