CVSS: 8.7EPSS: 0%CPEs: 2EXPL: 0CVE-2024-9459 – SQL Injection
https://notcve.org/view.php?id=CVE-2024-9459
05 Nov 2024 — Zohocorp ManageEngine Exchange Reporter Plus versions 5718 and prior are vulnerable to authenticated SQL Injection in reports module. Zohocorp ManageEngine Exchange Reporter Plus versions 5718 and prior are vulnerable to authenticated SQL Injection in reports module. • https://www.manageengine.com/products/exchange-reports/advisory/CVE-2024-9459.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 1%CPEs: 2EXPL: 0CVE-2024-38872 – SQL Injection
https://notcve.org/view.php?id=CVE-2024-38872
26 Jul 2024 — Zohocorp ManageEngine Exchange Reporter Plus versions 5717 and below are vulnerable to the authenticated SQL injection in the monitoring module. • https://www.manageengine.com/products/exchange-reports/advisory/CVE-2024-38872.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 1%CPEs: 2EXPL: 0CVE-2024-38871 – SQL Injection
https://notcve.org/view.php?id=CVE-2024-38871
26 Jul 2024 — Zohocorp ManageEngine Exchange Reporter Plus versions 5717 and below are vulnerable to the authenticated SQL injection in the reports module. • https://www.manageengine.com/products/exchange-reports/advisory/CVE-2024-38871.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.3EPSS: 6%CPEs: 1EXPL: 0CVE-2024-21775 – SQL Injection
https://notcve.org/view.php?id=CVE-2024-21775
16 Feb 2024 — Zoho ManageEngine Exchange Reporter Plus versions 5714 and below are vulnerable to the Authenticated SQL injection in report exporting feature. Zoho ManageEngine Exchange Reporter Plus versiones 5714 y siguientes son vulnerables a la inyección de SQL autenticado en la función de exportación de informes. Zoho ManageEngine Exchange Reporter Plus versions 5714 and below are vulnerable to the Authenticated SQL injection in report exporting feature. • https://www.manageengine.com/products/exchange-reports/advisory/CVE-2024-21775.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •