Zohocorp: Security Vulnerabilities
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file shares.
CVSS Score
8.3
EPSS Score
0.002
Published
2024-05-20
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the dashboard graph feature.
CVSS Score
8.3
EPSS Score
0.002
Published
2024-05-20
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while exporting a full summary report.
CVSS Score
8.3
EPSS Score
0.002
Published
2024-05-20
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report data.
CVSS Score
8.3
EPSS Score
0.003
Published
2024-05-20
Zohocorp ManageEngine PAM360 version 6601 is vulnerable to authorization vulnerability which allows a low-privileged user to perform admin actions.
Note: This vulnerability affects only the PAM360 6600 version. No other versions are applicable to this vulnerability.
CVSS Score
8.1
EPSS Score
0.002
Published
2024-05-20
Zoho ManageEngine Exchange Reporter Plus versions 5714 and below are vulnerable to the Authenticated SQL injection in report exporting feature.
CVSS Score
8.3
EPSS Score
0.003
Published
2024-02-16
ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in home Graph-Data.
CVSS Score
8.3
EPSS Score
0.004
Published
2024-02-02
ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in File-Summary DrillDown. This issue has been fixed and released in version 7271.
CVSS Score
8.3
EPSS Score
0.004
Published
2024-02-02
Zoho ManageEngine ADAudit Plus through 7250 is vulnerable to SQL Injection in the report export option.
CVSS Score
9.8
EPSS Score
0.079
Published
2024-02-02
Zoho ManageEngine ADAudit Plus through 7250 allows SQL Injection in the aggregate report feature.
CVSS Score
9.8
EPSS Score
0.079
Published
2024-02-02