Vulnerabilities > Zohocorp
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-18 | CVE-2024-49574 | SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus Zohocorp ManageEngine ADAudit Plus versions below 8123 are vulnerable to SQL Injection in the reports module. | 8.8 |
| 2024-11-08 | CVE-2024-10839 | XXE vulnerability in Zohocorp Manageengine Sharepoint Manager Plus Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to authenticated XML External Entity (XXE) in the Management option. | 8.1 |
| 2024-11-08 | CVE-2024-24409 | Unspecified vulnerability in Zohocorp Manageengine Admanager Plus Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulnerable to Privilege Escalation in the Modify Computers option. | 8.8 |
| 2024-11-05 | CVE-2024-9459 | SQL Injection vulnerability in Zohocorp Manageengine Exchange Reporter Plus Zohocorp ManageEngine Exchange Reporter Plus versions 5718 and prior are vulnerable to authenticated SQL Injection in reports module. | 8.8 |
| 2024-11-04 | CVE-2024-36485 | SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to SQL Injection in Technician reports option. | 8.8 |
| 2024-11-04 | CVE-2024-48878 | SQL Injection vulnerability in Zohocorp Manageengine Admanager Plus Zohocorp ManageEngine ADManager Plus versions 7241 and prior are vulnerable to SQL Injection in Archived Audit Report. | 8.8 |
| 2024-08-30 | CVE-2024-38868 | Incorrect Authorization vulnerability in Zohocorp Manageengine Endpoint Central Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while isolating the devices.This issue affects Endpoint Central: before 11.3.2406.08 and before 11.3.2400.15 | 8.3 |
| 2024-08-30 | CVE-2024-6204 | SQL Injection vulnerability in Zohocorp Manageengine Exchange Reporter Plus Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection in the reports module. | 8.1 |
| 2024-08-28 | CVE-2024-5546 | SQL Injection vulnerability in Zohocorp Manageengine Pam360 Zohocorp ManageEngine Password Manager Pro versions before 12431 and ManageEngine PAM360 versions before 7001 are affected by authenticated SQL Injection vulnerability via a global search option. | 8.8 |
| 2024-08-23 | CVE-2024-38869 | Cross-site Scripting vulnerability in Zohocorp products Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability in remote office deploy configurations.This issue affects Endpoint Central: before 11.3.2416.04 and before 11.3.2400.25. | 5.4 |