Vulnerabilities > Zohocorp > Manageengine Admanager Plus > 6.6

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-07	CVE-2021-37931	Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. network low complexity zohocorp CWE-434 critical	9.8
2021-09-27	CVE-2021-37761	Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to unrestricted file upload, leading to remote code execution. network low complexity zohocorp CWE-434 critical	9.8
2021-09-27	CVE-2021-37539	Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus before 7111 is vulnerable to unrestricted file which leads to Remote code execution. network low complexity zohocorp CWE-434 critical	9.8
2021-09-22	CVE-2021-37925	OS Command Injection vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus version 7110 and prior has a Post-Auth OS command injection vulnerability. network low complexity zohocorp CWE-78 critical	9.8
2021-09-22	CVE-2021-37927	Improper Verification of Cryptographic Signature vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus version 7110 and prior allows account takeover via SSO. network low complexity zohocorp CWE-347 critical	9.8
2021-09-21	CVE-2021-37741	Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus ManageEngine ADManager Plus before 7111 has Pre-authentication RCE vulnerabilities. network low complexity zohocorp CWE-434	8.8
2021-07-17	CVE-2021-33911	Unspecified vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus before 7110 allows remote code execution. network low complexity zohocorp critical	9.8
2021-07-17	CVE-2021-36771	Cross-site Scripting vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus before 7110 allows reflected XSS. network low complexity zohocorp CWE-79	6.1
2021-07-17	CVE-2021-36772	Cross-site Scripting vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus before 7110 allows stored XSS. network low complexity zohocorp CWE-79	6.1
2021-03-05	CVE-2020-35594	Cross-site Scripting vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus before 7066 allows XSS. network low complexity zohocorp CWE-79	6.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.