CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-41444 – SQL Injection
https://notcve.org/view.php?id=CVE-2025-41444
09 Jun 2025 — Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the alerts module. Las versiones 8510 y anteriores de Zohocorp ManageEngine ADAudit Plus son vulnerables a la inyección de SQL autenticada en el módulo de alertas. • https://www.manageengine.com/products/active-directory-audit/cve-2025-41444.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-36528 – SQL Injection
https://notcve.org/view.php?id=CVE-2025-36528
09 Jun 2025 — Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in Service Account Auditing reports. Las versiones 8510 y anteriores de Zohocorp ManageEngine ADAudit Plus son vulnerables a la inyección de SQL autenticado en los informes de auditoría de cuentas de servicio. • https://www.manageengine.com/products/active-directory-audit/cve-2025-36528.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27709 – SQL Injection
https://notcve.org/view.php?id=CVE-2025-27709
09 Jun 2025 — Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the Service Account Auditing reports. Las versiones 8510 y anteriores de Zohocorp ManageEngine ADAudit Plus son vulnerables a la inyección de SQL autenticado en los informes de auditoría de cuentas de servicio. • https://www.manageengine.com/products/active-directory-audit/cve-2025-27709.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-41407 – SQL Injection
https://notcve.org/view.php?id=CVE-2025-41407
23 May 2025 — Zohocorp ManageEngine ADAudit Plus versions below 8511 are vulnerable to SQL injection in the OU History report. Zohocorp ManageEngine ADAudit Plus versions below 8511 are vulnerable to SQL injection in the OU History report. • https://www.manageengine.com/products/active-directory-audit/cve-2025-41407.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-36527 – SQL Injection
https://notcve.org/view.php?id=CVE-2025-36527
23 May 2025 — Zohocorp ManageEngine ADAudit Plus versions below 8511 are vulnerable to SQL injection while exporting reports. Zohocorp ManageEngine ADAudit Plus versions below 8511 are vulnerable to SQL injection while exporting reports. • https://www.manageengine.com/products/active-directory-audit/cve-2025-36527.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-41403 – SQL Injection
https://notcve.org/view.php?id=CVE-2025-41403
22 May 2025 — Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection while fetching service account audit data. Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection while fetching service account audit data. • https://www.manageengine.com/products/active-directory-audit/cve-2025-41403.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-3836 – SQL Injection
https://notcve.org/view.php?id=CVE-2025-3836
22 May 2025 — Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the logon events aggregate report. Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the logon events aggregate report. • https://www.manageengine.com/products/active-directory-audit/cve-2025-3836.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-3834 – SQL Injection
https://notcve.org/view.php?id=CVE-2025-3834
14 May 2025 — Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the OU History report. Las versiones 8510 y anteriores de Zohocorp ManageEngine ADAudit Plus son vulnerables a la inyección de SQL autenticada en el informe de historial de OU. Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the OU History report. • https://www.manageengine.com/products/active-directory-audit/cve-2025-3834.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.7EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49574 – SQL Injection
https://notcve.org/view.php?id=CVE-2024-49574
18 Nov 2024 — Zohocorp ManageEngine ADAudit Plus versions below 8123 are vulnerable to SQL Injection in the reports module. Zohocorp ManageEngine ADAudit Plus versions below 8123 are vulnerable to SQL Injection in the reports module. • https://www.manageengine.com/products/active-directory-audit/cve-2024-49574.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-36485 – SQL Injection
https://notcve.org/view.php?id=CVE-2024-36485
04 Nov 2024 — Zohocorp ManageEngine ADAudit Plus versions 8121 and prior are vulnerable to SQL Injection in Technician reports option. Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to SQL Injection in Technician reports option. Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to SQL Injection in Technician reports option. • https://www.manageengine.com/products/active-directory-audit/cve-2024-36485.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •