Vulnerabilities > Zohocorp

DATE CVE VULNERABILITY TITLE RISK
2024-08-23 CVE-2024-5556 SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in reports module.
network
low complexity
zohocorp CWE-89
8.8
8.8
2024-08-23 CVE-2024-5586 SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in extranet lockouts report option.
network
low complexity
zohocorp CWE-89
8.8
8.8
2024-08-12 CVE-2024-36034 SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus
Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in aggregate reports' search option.
network
low complexity
zohocorp CWE-89
8.8
8.8
2024-08-12 CVE-2024-36035 SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus
Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in user session recording.
network
low complexity
zohocorp CWE-89
8.8
8.8
2024-08-12 CVE-2024-36518 SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's dashboard.
network
low complexity
zohocorp CWE-89
5.4
5.4
2024-08-12 CVE-2024-5487 SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's export option.
network
low complexity
zohocorp CWE-89
8.8
8.8
2024-08-12 CVE-2024-5527 SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in file auditing configuration.
network
low complexity
zohocorp CWE-89
8.8
8.8
2024-08-01 CVE-2024-5678 SQL Injection vulnerability in Zohocorp Manageengine Applications Manager
Zohocorp ManageEngine Applications Manager versions 170900 and below are vulnerable to the authenticated admin-only SQL Injection in the Create Monitor feature.
network
low complexity
zohocorp CWE-89
4.7
4.7
2024-07-26 CVE-2024-38871 SQL Injection vulnerability in Zohocorp Manageengine Exchange Reporter Plus
Zohocorp ManageEngine Exchange Reporter Plus versions 5717 and below are vulnerable to the authenticated SQL injection in the reports module.
network
low complexity
zohocorp CWE-89
8.8
8.8
2024-07-26 CVE-2024-38872 SQL Injection vulnerability in Zohocorp Manageengine Exchange Reporter Plus
Zohocorp ManageEngine Exchange Reporter Plus versions 5717 and below are vulnerable to the authenticated SQL injection in the monitoring module.
network
low complexity
zohocorp CWE-89
8.8
8.8