Zohocorp Manageengine_admanager_plus
53 CVEs affecting Zohocorp Manageengine_admanager_plus. Latest disclosed: 2026-01-13. Critical: 22, High: 15.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-47966 | Critical | 9.8 | 2023-01-18 | Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache Santuario xmlsec (aka… |
CVE-2021-42002 | Critical | 9.8 | 2021-11-11 | Zoho ManageEngine ADManager Plus before 7115 is vulnerable to a filter bypass that leads to file-upload remote code execution. |
CVE-2021-38298 | Critical | 9.8 | 2021-10-07 | Zoho ManageEngine ADManager Plus before 7110 is vulnerable to blind XXE. |
CVE-2021-37931 | Critical | 9.8 | 2021-10-07 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. |
CVE-2021-37930 | Critical | 9.8 | 2021-10-07 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. |
CVE-2021-37929 | Critical | 9.8 | 2021-10-07 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. |
CVE-2021-37928 | Critical | 9.8 | 2021-10-07 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. |
CVE-2021-37926 | Critical | 9.8 | 2021-10-07 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. |
CVE-2021-37924 | Critical | 9.8 | 2021-10-07 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. |
CVE-2021-37923 | Critical | 9.8 | 2021-10-07 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. |
CVE-2021-37921 | Critical | 9.8 | 2021-10-07 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. |
CVE-2021-37920 | Critical | 9.8 | 2021-10-07 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. |
CVE-2021-37919 | Critical | 9.8 | 2021-10-07 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. |
CVE-2021-37918 | Critical | 9.8 | 2021-10-07 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. |
CVE-2021-37762 | Critical | 9.8 | 2021-10-07 | Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file overwrite leading to remote code execution. |
CVE-2021-37761 | Critical | 9.8 | 2021-09-27 | Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to unrestricted file upload, leading to remote code execution. |
CVE-2021-37539 | Critical | 9.8 | 2021-09-27 | Zoho ManageEngine ADManager Plus before 7111 is vulnerable to unrestricted file which leads to Remote code execution. |
CVE-2021-37927 | Critical | 9.8 | 2021-09-22 | Zoho ManageEngine ADManager Plus version 7110 and prior allows account takeover via SSO. |
CVE-2021-37925 | Critical | 9.8 | 2021-09-22 | Zoho ManageEngine ADManager Plus version 7110 and prior has a Post-Auth OS command injection vulnerability. |
CVE-2021-37424 | Critical | 9.8 | 2021-09-21 | ManageEngine ADSelfService Plus before 6112 is vulnerable to domain user account takeover. |