This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Zohocorp First view 2011-11-22
Product Manageengine Admanager Plus Last view 2022-04-18
Version Type Application
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:zohocorp:manageengine_admanager_plus:4.4.0:*:*:*:*:*:*:* 34
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.1:-:*:*:*:*:*:* 33
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.1:6100:*:*:*:*:*:* 33
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.1:6101:*:*:*:*:*:* 33
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.1:6102:*:*:*:*:*:* 33
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.1:6103:*:*:*:*:*:* 33
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.1:6104:*:*:*:*:*:* 33
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.1:6105:*:*:*:*:*:* 33
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.1:6106:*:*:*:*:*:* 33
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.1:6107:*:*:*:*:*:* 33
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.1:6108:*:*:*:*:*:* 33
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.1:6109:*:*:*:*:*:* 33
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.1:6110:*:*:*:*:*:* 33
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.1:6111:*:*:*:*:*:* 33
cpe:2.3:a:zohocorp:manageengine_admanager_plus:*:*:*:*:*:*:*:* 33
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.5.7:*:*:*:*:*:*:* 30
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.6:6657:*:*:*:*:*:* 30
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7054:*:*:*:*:*:* 29
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7053:*:*:*:*:*:* 29
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7052:*:*:*:*:*:* 29
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7051:*:*:*:*:*:* 29
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7050:*:*:*:*:*:* 29
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7041:*:*:*:*:*:* 29
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7040:*:*:*:*:*:* 29
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7030:*:*:*:*:*:* 29
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7020:*:*:*:*:*:* 29
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7011:*:*:*:*:*:* 29
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7010:*:*:*:*:*:* 29
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7000:*:*:*:*:*:* 29
cpe:2.3:a:zohocorp:manageengine_admanager_plus:6.6.5:*:*:*:*:*:*:* 29
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7065:*:*:*:*:*:* 28
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:-:*:*:*:*:*:* 28
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7055:*:*:*:*:*:* 28
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7056:*:*:*:*:*:* 28
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7060:*:*:*:*:*:* 28
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7066:*:*:*:*:*:* 28
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7064:*:*:*:*:*:* 28
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7063:*:*:*:*:*:* 28
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7062:*:*:*:*:*:* 28
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.0:7061:*:*:*:*:*:* 28
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7102:*:*:*:*:*:* 27
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:-:*:*:*:*:*:* 27
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7100:*:*:*:*:*:* 27
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7101:*:*:*:*:*:* 27
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7110:*:*:*:*:*:* 22
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7111:*:*:*:*:*:* 3
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7112:*:*:*:*:*:* 3
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7113:*:*:*:*:*:* 3
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7114:*:*:*:*:*:* 3
cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.1:7115:*:*:*:*:*:* 2

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
8.8 2022-04-18 CVE-2022-29457

Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701, and ADManagerPlus 7131 allow NTLM Hash disclosure during certain storage-path configuration steps.

9.8 2021-11-11 CVE-2021-42002

Zoho ManageEngine ADManager Plus before 7115 is vulnerable to a filter bypass that leads to file-upload remote code execution.

8.8 2021-10-13 CVE-2021-20131

ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the Personalization interface.

8.8 2021-10-13 CVE-2021-20130

ManageEngine ADManager Plus Build 7111 contains a post-authentication remote code execution vulnerability due to improperly validated file uploads in the PasswordExpiry interface.

9.8 2021-10-07 CVE-2021-38298

Zoho ManageEngine ADManager Plus before 7110 is vulnerable to blind XXE.

9.8 2021-10-07 CVE-2021-37931

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

9.8 2021-10-07 CVE-2021-37930

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

9.8 2021-10-07 CVE-2021-37929

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

9.8 2021-10-07 CVE-2021-37928

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

9.8 2021-10-07 CVE-2021-37926

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

9.8 2021-10-07 CVE-2021-37924

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

9.8 2021-10-07 CVE-2021-37923

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

5.3 2021-10-07 CVE-2021-37922

Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to path traversal which allows copying of files from one directory to another.

9.8 2021-10-07 CVE-2021-37921

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

9.8 2021-10-07 CVE-2021-37920

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

9.8 2021-10-07 CVE-2021-37919

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

9.8 2021-10-07 CVE-2021-37918

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution.

9.8 2021-10-07 CVE-2021-37762

Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file overwrite leading to remote code execution.

9.8 2021-09-27 CVE-2021-37761

Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to unrestricted file upload, leading to remote code execution.

9.8 2021-09-27 CVE-2021-37539

Zoho ManageEngine ADManager Plus before 7111 is vulnerable to unrestricted file which leads to Remote code execution.

9.8 2021-09-22 CVE-2021-37927

Zoho ManageEngine ADManager Plus version 7110 and prior allows account takeover via SSO.

9.8 2021-09-22 CVE-2021-37925

Zoho ManageEngine ADManager Plus version 7110 and prior has a Post-Auth OS command injection vulnerability.

8.8 2021-09-21 CVE-2021-37741

ManageEngine ADManager Plus before 7111 has Pre-authentication RCE vulnerabilities.

9.8 2021-09-21 CVE-2021-37424

ManageEngine ADSelfService Plus before 6112 is vulnerable to domain user account takeover.

6.5 2021-09-21 CVE-2021-37420

Zoho ManageEngine ADSelfService Plus before 6112 is vulnerable to mail spoofing.

CWE : Common Weakness Enumeration

%idName
47% (16) CWE-434 Unrestricted Upload of File with Dangerous Type
17% (6) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
11% (4) CWE-287 Improper Authentication
5% (2) CWE-732 Incorrect Permission Assignment for Critical Resource
2% (1) CWE-611 Information Leak Through XML External Entity File Disclosure
2% (1) CWE-522 Insufficiently Protected Credentials
2% (1) CWE-352 Cross-Site Request Forgery (CSRF)
2% (1) CWE-269 Improper Privilege Management
2% (1) CWE-78 Improper Sanitization of Special Elements used in an OS Command ('O...
2% (1) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...

Open Source Vulnerability Database (OSVDB)

id Description
64857 ManageEngine ADManager Plus jsp/admin/tools/remote_share.jsp computerName Par...

Nessus® Vulnerability Scanner

id Description
2010-06-02 Name: A web application on the remote host has a cross-site scripting vulnerability.
File: admanager_plus_computername_xss.nasl - Type: ACT_ATTACK