Adaudit Plus
by Manageengine
CVEs (41)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-36515 | 0.00 | — | 0.05 | Aug 23, 2024 | Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different from another vulnerability (CVE-2024-36516), both of which have affected ADAudit Plus' dashboard. | |||
| CVE-2024-36516 | 0.00 | — | 0.04 | Aug 23, 2024 | Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different from another vulnerability (CVE-2024-36515), both of which have affected ADAudit Plus' dashboard. | |||
| CVE-2024-36517 | 0.00 | — | 0.05 | Aug 23, 2024 | Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in alerts module. | |||
| CVE-2024-5467 | 0.00 | — | 0.05 | Aug 23, 2024 | Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in account lockout report. | |||
| CVE-2024-36034 | 0.00 | — | 0.07 | Aug 12, 2024 | Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in aggregate reports' search option. | |||
| CVE-2024-36035 | 0.00 | — | 0.07 | Aug 12, 2024 | Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in user session recording. | |||
| CVE-2024-36518 | 0.00 | — | 0.03 | Aug 12, 2024 | Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's dashboard. | |||
| CVE-2024-5487 | 0.00 | — | 0.05 | Aug 12, 2024 | Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's export option. | |||
| CVE-2024-5527 | 0.00 | — | 0.05 | Aug 12, 2024 | Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in file auditing configuration. | |||
| CVE-2024-36037 | 0.00 | — | 0.00 | May 27, 2024 | Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session recordings. | |||
| CVE-2024-36036 | 0.00 | — | 0.00 | May 27, 2024 | Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to access sensitive information and modifying the agent configuration. | |||
| CVE-2024-21791 | 0.00 | — | 0.02 | May 22, 2024 | Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection in lockout history option. Note: Non-admin users cannot exploit this vulnerability. | |||
| CVE-2023-49335 | 0.00 | — | 0.03 | May 20, 2024 | Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while getting file server details. | |||
| CVE-2023-49334 | 0.00 | — | 0.03 | May 20, 2024 | Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while exporting a full summary report. | |||
| CVE-2023-49333 | 0.00 | — | 0.03 | May 20, 2024 | Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the dashboard graph feature. | |||
| CVE-2023-49332 | 0.00 | — | 0.03 | May 20, 2024 | Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file shares. | |||
| CVE-2023-49331 | 0.00 | — | 0.03 | May 20, 2024 | Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the aggregate reports search option. | |||
| CVE-2023-49330 | 0.00 | — | 0.02 | May 20, 2024 | Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report data. | |||
| CVE-2024-0269 | 0.00 | — | 0.05 | Feb 2, 2024 | ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in File-Summary DrillDown. This issue has been fixed and released in version 7271. | |||
| CVE-2024-0253 | 0.00 | — | 0.05 | Feb 2, 2024 | ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in home Graph-Data. |
- CVE-2024-36515Aug 23, 2024risk 0.00cvss —epss 0.05
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different from another vulnerability (CVE-2024-36516), both of which have affected ADAudit Plus' dashboard.
- CVE-2024-36516Aug 23, 2024risk 0.00cvss —epss 0.04
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different from another vulnerability (CVE-2024-36515), both of which have affected ADAudit Plus' dashboard.
- CVE-2024-36517Aug 23, 2024risk 0.00cvss —epss 0.05
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in alerts module.
- CVE-2024-5467Aug 23, 2024risk 0.00cvss —epss 0.05
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in account lockout report.
- CVE-2024-36034Aug 12, 2024risk 0.00cvss —epss 0.07
Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in aggregate reports' search option.
- CVE-2024-36035Aug 12, 2024risk 0.00cvss —epss 0.07
Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in user session recording.
- CVE-2024-36518Aug 12, 2024risk 0.00cvss —epss 0.03
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's dashboard.
- CVE-2024-5487Aug 12, 2024risk 0.00cvss —epss 0.05
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's export option.
- CVE-2024-5527Aug 12, 2024risk 0.00cvss —epss 0.05
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in file auditing configuration.
- CVE-2024-36037May 27, 2024risk 0.00cvss —epss 0.00
Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session recordings.
- CVE-2024-36036May 27, 2024risk 0.00cvss —epss 0.00
Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to access sensitive information and modifying the agent configuration.
- CVE-2024-21791May 22, 2024risk 0.00cvss —epss 0.02
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection in lockout history option. Note: Non-admin users cannot exploit this vulnerability.
- CVE-2023-49335May 20, 2024risk 0.00cvss —epss 0.03
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while getting file server details.
- CVE-2023-49334May 20, 2024risk 0.00cvss —epss 0.03
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while exporting a full summary report.
- CVE-2023-49333May 20, 2024risk 0.00cvss —epss 0.03
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the dashboard graph feature.
- CVE-2023-49332May 20, 2024risk 0.00cvss —epss 0.03
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file shares.
- CVE-2023-49331May 20, 2024risk 0.00cvss —epss 0.03
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the aggregate reports search option.
- CVE-2023-49330May 20, 2024risk 0.00cvss —epss 0.02
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report data.
- CVE-2024-0269Feb 2, 2024risk 0.00cvss —epss 0.05
ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in File-Summary DrillDown. This issue has been fixed and released in version 7271.
- CVE-2024-0253Feb 2, 2024risk 0.00cvss —epss 0.05
ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in home Graph-Data.
Page 2 of 3