VYPR

Adaudit Plus

by Manageengine

CVEs (41)

  • CVE-2024-36515Aug 23, 2024
    risk 0.00cvss epss 0.05

    Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different from another vulnerability (CVE-2024-36516), both of which have affected ADAudit Plus' dashboard.

  • CVE-2024-36516Aug 23, 2024
    risk 0.00cvss epss 0.04

    Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different from another vulnerability (CVE-2024-36515), both of which have affected ADAudit Plus' dashboard.

  • CVE-2024-36517Aug 23, 2024
    risk 0.00cvss epss 0.05

    Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in alerts module.

  • CVE-2024-5467Aug 23, 2024
    risk 0.00cvss epss 0.05

    Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in account lockout report.

  • CVE-2024-36034Aug 12, 2024
    risk 0.00cvss epss 0.07

    Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in aggregate reports' search option.

  • CVE-2024-36035Aug 12, 2024
    risk 0.00cvss epss 0.07

    Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in user session recording.

  • CVE-2024-36518Aug 12, 2024
    risk 0.00cvss epss 0.03

    Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's dashboard.

  • CVE-2024-5487Aug 12, 2024
    risk 0.00cvss epss 0.05

    Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's export option.

  • CVE-2024-5527Aug 12, 2024
    risk 0.00cvss epss 0.05

    Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in file auditing configuration.

  • CVE-2024-36037May 27, 2024
    risk 0.00cvss epss 0.00

    Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session recordings.

  • CVE-2024-36036May 27, 2024
    risk 0.00cvss epss 0.00

    Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to access sensitive information and modifying the agent configuration.

  • CVE-2024-21791May 22, 2024
    risk 0.00cvss epss 0.02

    Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection in lockout history option. Note: Non-admin users cannot exploit this vulnerability.

  • CVE-2023-49335May 20, 2024
    risk 0.00cvss epss 0.03

    Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while getting file server details.

  • CVE-2023-49334May 20, 2024
    risk 0.00cvss epss 0.03

    Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while exporting a full summary report.

  • CVE-2023-49333May 20, 2024
    risk 0.00cvss epss 0.03

    Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the dashboard graph feature.

  • CVE-2023-49332May 20, 2024
    risk 0.00cvss epss 0.03

    Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file shares.

  • CVE-2023-49331May 20, 2024
    risk 0.00cvss epss 0.03

    Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the aggregate reports search option.

  • CVE-2023-49330May 20, 2024
    risk 0.00cvss epss 0.02

    Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report data.

  • CVE-2024-0269Feb 2, 2024
    risk 0.00cvss epss 0.05

    ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in File-Summary DrillDown. This issue has been fixed and released in version 7271.

  • CVE-2024-0253Feb 2, 2024
    risk 0.00cvss epss 0.05

    ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in home Graph-Data.