Filtered by vendor Zohocorp
Subscribe
Total
542 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-10839 | 1 Zohocorp | 1 Manageengine Sharepoint Manager Plus | 2024-11-13 | N/A | 8.1 HIGH |
|
Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to authenticated XML External Entity (XXE) in the Management option.
|
|||||
| CVE-2024-36485 | 1 Zohocorp | 1 Manageengine Adaudit Plus | 2024-11-07 | N/A | 8.8 HIGH |
|
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to SQL Injection in Technician reports option.
|
|||||
| CVE-2024-9459 | 1 Zohocorp | 1 Manageengine Exchange Reporter Plus | 2024-11-06 | N/A | 8.8 HIGH |
|
Zohocorp ManageEngine Exchange Reporter Plus versions 5718 and prior are vulnerable to authenticated SQL Injection in reports module.
|
|||||
| CVE-2024-48878 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2024-11-05 | N/A | 8.8 HIGH |
|
Zohocorp ManageEngine ADManager Plus versions 7241 and prior are vulnerable to SQL Injection in Archived Audit Report.
|
|||||
| CVE-2024-6204 | 1 Zohocorp | 1 Manageengine Exchange Reporter Plus | 2024-09-19 | N/A | 8.1 HIGH |
|
Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection in the reports module.
|
|||||
| CVE-2024-5546 | 1 Zohocorp | 2 Manageengine Pam360, Manageengine Password Manager Pro | 2024-09-19 | N/A | 8.8 HIGH |
|
Zohocorp ManageEngine Password Manager Pro versions before 12431 and ManageEngine PAM360 versions before 7001 are affected by authenticated SQL Injection vulnerability via a global search option.
|
|||||
| CVE-2024-38868 | 1 Zohocorp | 1 Manageengine Endpoint Central | 2024-09-04 | N/A | 8.3 HIGH |
|
Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while isolating the devices.This issue affects Endpoint Central: before 11.3.2406.08 and before 11.3.2400.15
|
|||||
| CVE-2024-38869 | 1 Zohocorp | 3 Manageengine Servicedesk Plus, Manageengine Servicedesk Plus Msp, Manageengine Supportcenter Plus | 2024-08-30 | N/A | 5.4 MEDIUM |
|
Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability in remote office deploy configurations.This issue affects Endpoint Central: before 11.3.2416.04 and before 11.3.2400.25.
|
|||||
| CVE-2024-5586 | 1 Zohocorp | 1 Manageengine Adaudit Plus | 2024-08-27 | N/A | 8.8 HIGH |
|
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in extranet lockouts report option.
|
|||||
| CVE-2024-5556 | 1 Zohocorp | 1 Manageengine Adaudit Plus | 2024-08-27 | N/A | 8.8 HIGH |
|
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in reports module.
|
|||||
| CVE-2024-5490 | 1 Zohocorp | 1 Manageengine Adaudit Plus | 2024-08-27 | N/A | 8.8 HIGH |
|
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in aggregate reports option.
|
|||||
| CVE-2024-5467 | 1 Zohocorp | 1 Manageengine Adaudit Plus | 2024-08-27 | N/A | 8.8 HIGH |
|
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in account lockout report.
|
|||||
| CVE-2024-41150 | 1 Zohocorp | 3 Manageengine Servicedesk Plus, Manageengine Servicedesk Plus Msp, Manageengine Supportcenter Plus | 2024-08-27 | N/A | 6.1 MEDIUM |
|
An Stored Cross-site Scripting vulnerability in request module affects Zohocorp ManageEngine ServiceDesk Plus, ServiceDesk Plus MSP and SupportCenter Plus.This issue affects ServiceDesk Plus versions: through 14810; ServiceDesk Plus MSP: through 14800; SupportCenter Plus: through 14800.
|
|||||
| CVE-2024-36517 | 1 Zohocorp | 1 Manageengine Adaudit Plus | 2024-08-27 | N/A | 8.8 HIGH |
|
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in alerts module.
|
|||||
| CVE-2024-36516 | 1 Zohocorp | 1 Manageengine Adaudit Plus | 2024-08-27 | N/A | 8.8 HIGH |
|
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard.
Note: This vulnerability is different from another vulnerability (CVE-2024-36515), both of which have affected ADAudit Plus' dashboard.
|
|||||
| CVE-2024-36514 | 1 Zohocorp | 1 Manageengine Adaudit Plus | 2024-08-27 | N/A | 8.8 HIGH |
|
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in file summary option.
|
|||||
| CVE-2024-36515 | 1 Zohocorp | 1 Manageengine Adaudit Plus | 2024-08-27 | N/A | 8.8 HIGH |
|
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard.
Note: This vulnerability is different from another vulnerability (CVE-2024-36516), both of which have affected ADAudit Plus' dashboard.
|
|||||
| CVE-2024-5527 | 1 Zohocorp | 1 Manageengine Adaudit Plus | 2024-08-16 | N/A | 8.8 HIGH |
|
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in file auditing configuration.
|
|||||
| CVE-2024-36035 | 1 Zohocorp | 1 Manageengine Adaudit Plus | 2024-08-16 | N/A | 8.8 HIGH |
|
Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in user session recording.
|
|||||
| CVE-2024-5487 | 1 Zohocorp | 1 Manageengine Adaudit Plus | 2024-08-16 | N/A | 8.8 HIGH |
|
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's export option.
|
|||||
| CVE-2024-36034 | 1 Zohocorp | 1 Manageengine Adaudit Plus | 2024-08-16 | N/A | 8.8 HIGH |
|
Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in aggregate reports' search option.
|
|||||
| CVE-2024-5678 | 1 Zohocorp | 1 Manageengine Applications Manager | 2024-08-15 | N/A | 4.7 MEDIUM |
|
Zohocorp ManageEngine Applications Manager versions 170900 and below are vulnerable to the authenticated admin-only SQL Injection in the Create Monitor feature.
|
|||||