Zohocorp: Security Vulnerabilities
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the alerts module.
CVSS Score
8.3
EPSS Score
0.029
Published
2025-06-09
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in Service Account Auditing reports.
CVSS Score
8.3
EPSS Score
0.029
Published
2025-06-09
Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and prior are vulnerable to Remote code execution in the Content Search module.
CVSS Score
9.6
EPSS Score
0.045
Published
2025-06-09
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the Service Account Auditing reports.
CVSS Score
8.3
EPSS Score
0.029
Published
2025-06-09
Zohocorp ManageEngine ADAudit Plus versions below 8511 are vulnerable to SQL injection in the OU History report.
CVSS Score
8.3
EPSS Score
0.019
Published
2025-05-23
Zohocorp ManageEngine ADAudit Plus versions below 8511 are vulnerable to SQL injection while exporting reports.
CVSS Score
8.3
EPSS Score
0.02
Published
2025-05-23
Zohocorp ManageEngine ServiceDesk Plus MSP and SupportCenter Plus versions below 14920 are vulnerable to authenticated Local File Inclusion (LFI) in the Admin module, where help card content is loaded.
CVSS Score
6.5
EPSS Score
0.02
Published
2025-05-22
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the logon events aggregate report.
CVSS Score
8.3
EPSS Score
0.043
Published
2025-05-22
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection while fetching service account audit data.
CVSS Score
8.3
EPSS Score
0.039
Published
2025-05-22
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the OU History report.
CVSS Score
8.1
EPSS Score
0.031
Published
2025-05-14