Vulnerabilities > Zohocorp > Manageengine Pam360 > 6.6

DATE CVE VULNERABILITY TITLE RISK
2024-08-28 CVE-2024-5546 SQL Injection vulnerability in Zohocorp Manageengine Pam360
Zohocorp ManageEngine Password Manager Pro versions before 12431 and ManageEngine PAM360 versions before 7001 are affected by authenticated SQL Injection vulnerability via a global search option.
network
low complexity
zohocorp CWE-89
8.8
8.8
2024-05-29 CVE-2024-27313 Cross-site Scripting vulnerability in Zohocorp Manageengine Pam360 6.6
Zoho ManageEngine PAM360 is vulnerable to Stored XSS vulnerability.
network
low complexity
zohocorp CWE-79
4.6
4.6
2024-05-20 CVE-2024-27312 Incorrect Authorization vulnerability in Zohocorp Manageengine Pam360
Zohocorp ManageEngine PAM360 version 6601 is vulnerable to authorization vulnerability which allows a low-privileged user to perform admin actions.
network
low complexity
zohocorp CWE-863
8.1
8.1