Show filters
50 Total Results
Displaying 11-20 of 50
Sort by:
Attacker Value
Unknown

CVE-2023-38332

Disclosure Date: August 04, 2023 (last updated October 08, 2023)
Zoho ManageEngine ADManager Plus through 7201 allow authenticated users to take over another user's account via sensitive information disclosure.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-35786

Disclosure Date: July 05, 2023 (last updated October 08, 2023)
Zoho ManageEngine ADManager Plus before 7183 allows admin users to exploit an XXE issue to view files.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-29084

Disclosure Date: April 13, 2023 (last updated October 08, 2023)
Zoho ManageEngine ADManager Plus before 7181 allows for authenticated users to exploit command injection via Proxy settings.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-42904

Disclosure Date: November 18, 2022 (last updated December 22, 2024)
Zoho ManageEngine ADManager Plus through 7151 allows authenticated admin users to execute the commands in proxy settings.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-29457

Disclosure Date: April 18, 2022 (last updated October 07, 2023)
Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701, and ADManagerPlus 7131 allow NTLM Hash disclosure during certain storage-path configuration steps.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-42002

Disclosure Date: November 11, 2021 (last updated October 07, 2023)
Zoho ManageEngine ADManager Plus before 7115 is vulnerable to a filter bypass that leads to file-upload remote code execution.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-20130

Disclosure Date: October 13, 2021 (last updated November 28, 2024)
ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the PasswordExpiry interface.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-20131

Disclosure Date: October 13, 2021 (last updated November 28, 2024)
ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the Personalization interface.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-38298

Disclosure Date: October 07, 2021 (last updated November 28, 2024)
Zoho ManageEngine ADManager Plus before 7110 is vulnerable to blind XXE.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-37923

Disclosure Date: October 07, 2021 (last updated November 28, 2024)
Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  < Previous  Next >