Vulnerabilities > Zohocorp

DATE CVE VULNERABILITY TITLE RISK
2024-05-20 CVE-2023-49334 Unspecified vulnerability in Zohocorp Manageengine Adaudit Plus
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while exporting a full summary report.
network
low complexity
zohocorp
8.8
8.8
2024-05-20 CVE-2023-49335 Unspecified vulnerability in Zohocorp Manageengine Adaudit Plus
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while getting file server details.
network
low complexity
zohocorp
8.8
8.8
2024-05-20 CVE-2023-49330 SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report data.
network
low complexity
zohocorp CWE-89
8.8
8.8
2024-05-20 CVE-2024-27312 Incorrect Authorization vulnerability in Zohocorp Manageengine Pam360
Zohocorp ManageEngine PAM360 version 6601 is vulnerable to authorization vulnerability which allows a low-privileged user to perform admin actions.
network
low complexity
zohocorp CWE-863
8.1
8.1
2024-02-16 CVE-2024-21775 SQL Injection vulnerability in Zohocorp Manageengine Exchange Reporter Plus
Zoho ManageEngine Exchange Reporter Plus versions 5714 and below are vulnerable to the Authenticated SQL injection in report exporting feature.
network
low complexity
zohocorp CWE-89
8.8
8.8
2024-02-02 CVE-2024-0253 SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus
ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in home Graph-Data.
network
low complexity
zohocorp CWE-89
8.8
8.8
2024-02-02 CVE-2024-0269 SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus
ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in File-Summary DrillDown.
network
low complexity
zohocorp CWE-89
8.8
8.8
2024-02-02 CVE-2023-48792 SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus
Zoho ManageEngine ADAudit Plus through 7250 is vulnerable to SQL Injection in the report export option.
network
low complexity
zohocorp CWE-89
critical
 9.8
9.8
2024-02-02 CVE-2023-48793 SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus
Zoho ManageEngine ADAudit Plus through 7250 allows SQL Injection in the aggregate report feature.
network
low complexity
zohocorp CWE-89
critical
 9.8
9.8
2024-01-25 CVE-2023-50785 Path Traversal vulnerability in Zohocorp Manageengine Adaudit Plus 7.2
Zoho ManageEngine ADAudit Plus before 7270 allows admin users to view names of arbitrary directories via path traversal.
network
low complexity
zohocorp CWE-22
2.7
2.7