Vulnerabilities > Zohocorp > Manageengine Adaudit Plus > 4.5.0

DATE CVE VULNERABILITY TITLE RISK
2024-08-23 CVE-2024-5586 SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in extranet lockouts report option.
network
low complexity
zohocorp CWE-89
8.8
8.8
2024-08-12 CVE-2024-36034 SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus
Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in aggregate reports' search option.
network
low complexity
zohocorp CWE-89
8.8
8.8
2024-08-12 CVE-2024-36035 SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus
Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in user session recording.
network
low complexity
zohocorp CWE-89
8.8
8.8
2024-08-12 CVE-2024-36518 SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's dashboard.
network
low complexity
zohocorp CWE-89
5.4
5.4
2024-08-12 CVE-2024-5487 SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's export option.
network
low complexity
zohocorp CWE-89
8.8
8.8
2024-08-12 CVE-2024-5527 SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in file auditing configuration.
network
low complexity
zohocorp CWE-89
8.8
8.8
2024-05-27 CVE-2024-36037 Incorrect Authorization vulnerability in Zohocorp Manageengine Adaudit Plus
Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session recordings.
local
low complexity
zohocorp CWE-863
5.5
5.5
2024-05-22 CVE-2024-21791 Unspecified vulnerability in Zohocorp Manageengine Adaudit Plus
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection in lockout history option.
network
low complexity
zohocorp
7.2
7.2
2024-05-20 CVE-2023-49331 Unspecified vulnerability in Zohocorp Manageengine Adaudit Plus
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the aggregate reports search option.
network
low complexity
zohocorp
8.8
8.8
2024-05-20 CVE-2023-49332 Unspecified vulnerability in Zohocorp Manageengine Adaudit Plus
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file shares.
network
low complexity
zohocorp
8.8
8.8