Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Manageengine_admanager_plus
(Zohocorp)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 50 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-10-07 | CVE-2021-37930 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | Manageengine_admanager_plus | 9.8 | ||
| 2021-10-07 | CVE-2021-37931 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | Manageengine_admanager_plus | 9.8 | ||
| 2021-10-07 | CVE-2021-38298 | Zoho ManageEngine ADManager Plus before 7110 is vulnerable to blind XXE. | Manageengine_admanager_plus | 9.8 | ||
| 2021-10-13 | CVE-2021-20130 | ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the PasswordExpiry interface. | Manageengine_admanager_plus | 8.8 | ||
| 2021-10-13 | CVE-2021-20131 | ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the Personalization interface. | Manageengine_admanager_plus | 8.8 | ||
| 2021-11-11 | CVE-2021-42002 | Zoho ManageEngine ADManager Plus before 7115 is vulnerable to a filter bypass that leads to file-upload remote code execution. | Manageengine_admanager_plus | 9.8 | ||
| 2022-04-18 | CVE-2022-29457 | Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701, and ADManagerPlus 7131 allow NTLM Hash disclosure during certain storage-path configuration steps. | Manageengine_adaudit_plus, Manageengine_admanager_plus, Manageengine_adselfservice_plus, Manageengine_exchange_reporter_plus | 8.8 | ||
| 2023-07-05 | CVE-2023-35786 | Zoho ManageEngine ADManager Plus before 7183 allows admin users to exploit an XXE issue to view files. | Manageengine_admanager_plus | 4.9 | ||
| 2023-08-04 | CVE-2023-38332 | Zoho ManageEngine ADManager Plus through 7201 allow authenticated users to take over another user's account via sensitive information disclosure. | Manageengine_admanager_plus | 6.5 | ||
| 2023-08-17 | CVE-2023-31492 | Zoho ManageEngine ADManager Plus version 7182 and prior disclosed the default passwords for the account restoration of unauthorized domains to the authenticated users. | Manageengine_admanager_plus | 6.5 |