Vulnerabilities > Zohocorp > Manageengine Admanager Plus
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-27 | CVE-2021-37539 | Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus before 7111 is vulnerable to unrestricted file which leads to Remote code execution. | 7.5 |
| 2021-09-22 | CVE-2021-37925 | OS Command Injection vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus version 7110 and prior has a Post-Auth OS command injection vulnerability. | 7.5 |
| 2021-09-22 | CVE-2021-37927 | Improper Verification of Cryptographic Signature vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus version 7110 and prior allows account takeover via SSO. | 7.5 |
| 2021-09-21 | CVE-2021-37419 | Server-Side Request Forgery (SSRF) vulnerability in Zohocorp Manageengine Admanager Plus 6.1 Zoho ManageEngine ADSelfService Plus before 6112 is vulnerable to SSRF. | 5.0 |
| 2021-09-21 | CVE-2021-37420 | Missing Authentication for Critical Function vulnerability in Zohocorp Manageengine Admanager Plus 6.1 Zoho ManageEngine ADSelfService Plus before 6112 is vulnerable to mail spoofing. | 4.3 |
| 2021-09-21 | CVE-2021-37424 | Unspecified vulnerability in Zohocorp Manageengine Admanager Plus 6.1 ManageEngine ADSelfService Plus before 6112 is vulnerable to domain user account takeover. | 7.5 |
| 2021-09-21 | CVE-2021-37741 | Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Admanager Plus ManageEngine ADManager Plus before 7111 has Pre-authentication RCE vulnerabilities. | 6.5 |
| 2021-07-17 | CVE-2021-33911 | Unspecified vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus before 7110 allows remote code execution. | 7.5 |
| 2021-07-17 | CVE-2021-36771 | Cross-site Scripting vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus before 7110 allows reflected XSS. | 4.3 |
| 2021-07-17 | CVE-2021-36772 | Cross-site Scripting vulnerability in Zohocorp Manageengine Admanager Plus Zoho ManageEngine ADManager Plus before 7110 allows stored XSS. | 4.3 |