GCVE - cpe:2.3:a:zohocorp:manageengine_adselfservice

Approved changes feed: RSS · Atom

cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:6.5:6511:*:*:*:*:*:*

part: a version: 6.5 update: 6511

Vendor	Zohocorp (`4f1ab088-ab0e-54ac-b0dc-2304879a7502`)
Product	Manageengine Adselfservice Plus (`3fbdb5d5-250e-50f0-93a4-67a4b1106c54`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-3833`	vulnerable	2026-06-03 15:01:05.729756	SQL Injection HIGH (8.1) Zohocorp ManageEngine ADSelfService Plus versions 6513 and prior are vulnerable to authenticated SQL injection in the MFA reports. Published: 2025-05-14T11:00:27.309Z Updated: 2025-05-14T13:30:00.739Z Open on db.gcve.eu Reference links https://www.manageengine.com/products/self-service-password/advisory/CVE-2025-3833.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-11250`	vulnerable	2026-06-03 14:58:35.811182	Authentication Bypass CRITICAL (9.1) Zohocorp ManageEngine ADSelfService Plus versions before 6519 are vulnerable to Authentication Bypass due to improper filter configurations. Published: 2026-01-13T13:35:18.509Z Updated: 2026-01-13T14:19:27.437Z Open on db.gcve.eu Reference links https://www.manageengine.com/products/self-service-password/advisory/CVE-2025-11250.html	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.