OpenCVE

Filtered by vendor Manageengine Subscriptions

Filtered by product Adaudit Plus Subscriptions

Total 16 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-36037	1 Manageengine	1 Adaudit Plus	2024-10-25	5.5 Medium
Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session recordings.
CVE-2024-5608	1 Manageengine	1 Adaudit Plus	2024-10-25	8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to SQL Injection in the technician reports feature.
CVE-2010-2049	1 Manageengine	1 Adaudit Plus	2024-09-16	N/A
Cross-site scripting (XSS) vulnerability in jsp/audit/reports/ExportReport.jsp in ManageEngine ADAudit Plus 4.0.0 build 4043 allows remote attackers to inject arbitrary web script or HTML via the reportList parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2024-5586	2 Manageengine, Zohocorp	2 Adaudit Plus, Manageengine Adaudit Plus	2024-08-27	8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in extranet lockouts report option.
CVE-2024-5556	2 Manageengine, Zohocorp	2 Adaudit Plus, Manageengine Adaudit Plus	2024-08-27	8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in reports module.
CVE-2024-5490	2 Manageengine, Zohocorp	2 Adaudit Plus, Manageengine Adaudit Plus	2024-08-27	8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in aggregate reports option.
CVE-2024-5467	2 Manageengine, Zohocorp	2 Adaudit Plus, Manageengine Adaudit Plus	2024-08-27	8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in account lockout report.
CVE-2024-36517	2 Manageengine, Zohocorp	2 Adaudit Plus, Manageengine Adaudit Plus	2024-08-27	8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in alerts module.
CVE-2024-36516	2 Manageengine, Zohocorp	2 Adaudit Plus, Manageengine Adaudit Plus	2024-08-27	8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different from another vulnerability (CVE-2024-36515), both of which have affected ADAudit Plus' dashboard.
CVE-2024-36514	2 Manageengine, Zohocorp	2 Adaudit Plus, Manageengine Adaudit Plus	2024-08-27	8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in file summary option.
CVE-2024-36515	2 Manageengine, Zohocorp	2 Adaudit Plus, Manageengine Adaudit Plus	2024-08-27	8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different from another vulnerability (CVE-2024-36516), both of which have affected ADAudit Plus' dashboard.
CVE-2024-5527	2 Manageengine, Zohocorp	2 Adaudit Plus, Manageengine Adaudit Plus	2024-08-16	8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in file auditing configuration.
CVE-2024-36035	2 Manageengine, Zohocorp	2 Adaudit Plus, Manageengine Adaudit Plus	2024-08-16	8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in user session recording.
CVE-2024-5487	2 Manageengine, Zohocorp	2 Adaudit Plus, Manageengine Adaudit Plus	2024-08-16	8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's export option.
CVE-2024-36034	2 Manageengine, Zohocorp	2 Adaudit Plus, Manageengine Adaudit Plus	2024-08-16	8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in aggregate reports' search option.
CVE-2024-36518	1 Manageengine	1 Adaudit Plus	2024-08-16	8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's dashboard.

Page 1 of 1.