Show filters
506 Total Results
Displaying 211-220 of 506
Sort by:
Attacker Value
Unknown

CVE-2021-37420

Disclosure Date: September 21, 2021 (last updated February 23, 2025)
Zoho ManageEngine ADSelfService Plus before 6112 is vulnerable to mail spoofing.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2021-37419

Disclosure Date: September 21, 2021 (last updated February 23, 2025)
Zoho ManageEngine ADSelfService Plus before 6112 is vulnerable to SSRF.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-37422

Disclosure Date: September 10, 2021 (last updated February 23, 2025)
Zoho ManageEngine ADSelfService Plus 6111 and prior is vulnerable to SQL Injection while linking the databases.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-37423

Disclosure Date: September 10, 2021 (last updated November 28, 2024)
Zoho ManageEngine ADSelfService Plus 6111 and prior is vulnerable to linked applications takeover.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-37414

Disclosure Date: September 10, 2021 (last updated February 23, 2025)
Zoho ManageEngine DesktopCentral before 10.0.709 allows anyone to get a valid user's APIKEY without authentication.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-37415

Disclosure Date: September 01, 2021 (last updated February 23, 2025)
Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without authentication.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-33055

Disclosure Date: August 30, 2021 (last updated February 23, 2025)
Zoho ManageEngine ADSelfService Plus through 6102 allows unauthenticated remote code execution in non-English editions.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-37416

Disclosure Date: August 30, 2021 (last updated February 23, 2025)
Zoho ManageEngine ADSelfService Plus version 6103 and prior is vulnerable to reflected XSS on the loadframe page.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2021-37417

Disclosure Date: August 30, 2021 (last updated February 23, 2025)
Zoho ManageEngine ADSelfService Plus version 6103 and prior allows CAPTCHA bypass due to improper parameter validation.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-37421

Disclosure Date: August 30, 2021 (last updated February 23, 2025)
Zoho ManageEngine ADSelfService Plus 6103 and prior is vulnerable to admin portal access-restriction bypass.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  < Previous  Next >