VYPR

Admanager Plus

by Manageengine

CVEs (18)

  • CVE-2018-15740MedAug 28, 2018
    risk 0.43cvss 6.1epss 0.06

    Zoho ManageEngine ADManager Plus 6.5.7 has XSS on the "Workflow Delegation" "Requester Roles" screen.

  • CVE-2023-29084Apr 13, 2023
    risk 0.11cvss epss 0.98

    Zoho ManageEngine ADManager Plus before 7181 allows for authenticated users to exploit command injection via Proxy settings.

  • CVE-2021-20131Oct 13, 2021
    risk 0.04cvss epss 0.16

    ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the Personalization interface.

  • CVE-2021-20130Oct 13, 2021
    risk 0.04cvss epss 0.32

    ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the PasswordExpiry interface.

  • CVE-2024-24409Nov 8, 2024
    risk 0.03cvss epss 0.04

    Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulnerable to Privilege Escalation in the Modify Computers option.

  • CVE-2021-37919Oct 7, 2021
    risk 0.03cvss epss 0.11

    Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

  • CVE-2021-37921Oct 7, 2021
    risk 0.03cvss epss 0.11

    Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

  • CVE-2021-37931Oct 7, 2021
    risk 0.03cvss epss 0.09

    Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

  • CVE-2021-37929Oct 7, 2021
    risk 0.03cvss epss 0.09

    Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

  • CVE-2021-37928Oct 7, 2021
    risk 0.03cvss epss 0.09

    Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

  • CVE-2018-19374Apr 30, 2019
    risk 0.03cvss epss 0.01

    Zoho ManageEngine ADManager Plus 6.6 Build 6657 allows local users to gain privileges (after a reboot) by placing a Trojan horse file into the permissive bin directory.

  • CVE-2012-1049Feb 13, 2012
    risk 0.03cvss epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ADManager Plus 5.2 Build 5210 allow remote attackers to inject arbitrary web script or HTML via the (1) domainName parameter to jsp/AddDC.jsp or (2) operation parameter to DomainConfig.do.

  • CVE-2021-37922Oct 7, 2021
    risk 0.02cvss epss 0.02

    Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to path traversal which allows copying of files from one directory to another.

  • CVE-2020-24786Aug 31, 2020
    risk 0.01cvss epss 0.13

    An issue was discovered in Zoho ManageEngine Exchange Reporter Plus before build number 5510, AD360 before build number 4228, ADSelfService Plus before build number 5817, DataSecurity Plus before build number 6033, RecoverManager Plus before build number 6017, EventLog Analyzer…

  • CVE-2024-48878Nov 4, 2024
    risk 0.00cvss epss 0.01

    Zohocorp ManageEngine ADManager Plus versions 7241 and prior are vulnerable to SQL Injection in Archived Audit Report.

  • CVE-2023-35786Jul 5, 2023
    risk 0.00cvss epss 0.03

    Zoho ManageEngine ADManager Plus before 7183 allows admin users to exploit an XXE issue to view files.

  • CVE-2021-37741Sep 21, 2021
    risk 0.00cvss epss 0.03

    ManageEngine ADManager Plus before 7111 has Pre-authentication RCE vulnerabilities.

  • CVE-2010-5050Nov 23, 2011
    risk 0.00cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in jsp/admin/tools/remote_share.jsp in ManageEngine ADManager Plus 4.4.0 allows remote attackers to inject arbitrary web script or HTML via the computerName parameter. NOTE: the provenance of this information is unknown; the details are…