CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-36485 – SQL Injection
https://notcve.org/view.php?id=CVE-2024-36485
04 Nov 2024 — Zohocorp ManageEngine ADAudit Plus versions 8121 and prior are vulnerable to SQL Injection in Technician reports option. Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to SQL Injection in Technician reports option. Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to SQL Injection in Technician reports option. • https://www.manageengine.com/products/active-directory-audit/cve-2024-36485.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-5608 – SQL Injection
https://notcve.org/view.php?id=CVE-2024-5608
24 Oct 2024 — Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to SQL Injection in the technician reports feature. • https://www.manageengine.com/products/active-directory-audit/cve-2024-5608.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-5586 – SQL Injection
https://notcve.org/view.php?id=CVE-2024-5586
23 Aug 2024 — Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in extranet lockouts report option. Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in extranet lockouts report option. • https://www.manageengine.com/products/active-directory-audit/cve-2024-5586.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-5556 – SQL Injection
https://notcve.org/view.php?id=CVE-2024-5556
23 Aug 2024 — Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in reports module. Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in reports module. • https://www.manageengine.com/products/active-directory-audit/cve-2024-5556.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-5490 – SQL Injection
https://notcve.org/view.php?id=CVE-2024-5490
23 Aug 2024 — Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in aggregate reports option. Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in aggregate reports option. • https://www.manageengine.com/products/active-directory-audit/cve-2024-5490.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-36514 – SQL Injection
https://notcve.org/view.php?id=CVE-2024-36514
23 Aug 2024 — Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in file summary option. Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in file summary option. • https://www.manageengine.com/products/active-directory-audit/cve-2024-36514.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-36515 – SQL Injection
https://notcve.org/view.php?id=CVE-2024-36515
23 Aug 2024 — Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different from another vulnerability (CVE-2024-36516), both of which have affected ADAudit Plus' dashboard. Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different from another vulnerability (CVE-2024-36516), both of which have affected ADAudit Plus' dashboard. • https://www.manageengine.com/products/active-directory-audit/cve-2024-36515.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-36516 – SQL Injection
https://notcve.org/view.php?id=CVE-2024-36516
23 Aug 2024 — Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different from another vulnerability (CVE-2024-36515), both of which have affected ADAudit Plus' dashboard. Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different from another vulnerability (CVE-2024-36515), both of which have affected ADAudit Plus' dashboard. • https://www.manageengine.com/products/active-directory-audit/cve-2024-36516.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-36517 – SQL Injection
https://notcve.org/view.php?id=CVE-2024-36517
23 Aug 2024 — Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in alerts module. Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in alerts module. • https://www.manageengine.com/products/active-directory-audit/cve-2024-36517.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-5467 – SQL Injection
https://notcve.org/view.php?id=CVE-2024-5467
23 Aug 2024 — Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in account lockout report. Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in account lockout report. • https://www.manageengine.com/products/active-directory-audit/cve-2024-5467.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •