Zohocorp: >> Manageengine Adaudit Plus Security Vulnerabilities
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in file summary option.
CVSS Score
8.3
EPSS Score
0.009
Published
2024-08-23
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's export option.
CVSS Score
8.3
EPSS Score
0.014
Published
2024-08-12
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in file auditing configuration.
CVSS Score
8.3
EPSS Score
0.014
Published
2024-08-12
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's dashboard.
CVSS Score
8.3
EPSS Score
0.01
Published
2024-08-12
Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in aggregate reports' search option.
CVSS Score
8.3
EPSS Score
0.01
Published
2024-08-12
Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in user session recording.
CVSS Score
8.3
EPSS Score
0.01
Published
2024-08-12
Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to access sensitive information and modifying the agent configuration.
CVSS Score
4.2
EPSS Score
0.0
Published
2024-05-27
Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session recordings.
CVSS Score
5.5
EPSS Score
0.0
Published
2024-05-27
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection in lockout history option.
Note: Non-admin users cannot exploit this vulnerability.
CVSS Score
4.7
EPSS Score
0.099
Published
2024-05-22
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while getting file server details.
CVSS Score
8.3
EPSS Score
0.002
Published
2024-05-20