CVE-2011-5105
- EPSS 5.98%
- Veröffentlicht 23.08.2012 20:55:02
- Zuletzt bearbeitet 16.06.2026 23:35:57
Multiple cross-site scripting (XSS) vulnerabilities in EmployeeSearch.cc in ZOHO ManageEngine ADSelfService Plus 4.5 Build 4521 allow remote attackers to inject arbitrary web script or HTML via the (1) searchType and (2) searchString parameters, a di...
CVE-2010-3274
- EPSS 21%
- Veröffentlicht 17.02.2011 18:00:03
- Zuletzt bearbeitet 16.06.2026 23:22:29
Multiple cross-site scripting (XSS) vulnerabilities in EmployeeSearch.cc in the Employee Search Engine in ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allow remote attackers to inject arbitrary web script or HTML via the searchString pa...
CVE-2010-3272
- EPSS 4.02%
- Veröffentlicht 17.02.2011 18:00:02
- Zuletzt bearbeitet 16.06.2026 23:22:29
accounts/ValidateAnswers in the security-questions implementation in ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 makes it easier for remote attackers to reset user passwords, and consequently obtain access to arbitrary user accounts, v...
- EPSS 3.33%
- Veröffentlicht 17.02.2011 18:00:02
- Zuletzt bearbeitet 16.06.2026 23:22:29
ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allows remote attackers to reset user passwords, and consequently obtain access to arbitrary user accounts, by providing a user id to accounts/ValidateUser, and then providing a new password ...