CVE-2025-8324

Zohocorp ManageEngine Analytics Plus versions 6170 and below are vulnerable to Unauthenticated SQL Injection due to the improper filter configuration...

EUVD-2025-84350

Zohocorp ManageEngine Analytics Plus versions 6170 and below are vulnerable to Unauthenticated SQL Injection due to the improper filter configuration...

CVE-2025-8324

Zohocorp ManageEngine Analytics Plus versions 6170 and below are vulnerable to Unauthenticated SQL Injection due to the improper filter configuration...

CVE-2025-8324

Zohocorp ManageEngine Analytics Plus (ZOHO/ManageEngine Analytics Plus) is affected for versions 6170 and earlier by an Unauthenticated SQL Injection due to improper filter configuration. The vulnerability allows an attacker to view, modify, or delete information in the backend database. Affected...

CVE-2025-8324 SQL Injection

Zohocorp ManageEngine Analytics Plus versions 6170 and below are vulnerable to Unauthenticated SQL Injection due to the improper filter configuration...

PT-2025-46335

Name of the Vulnerable Software and Affected Versions ManageEngine Analytics Plus versions 6170 and below Description ManageEngine Analytics Plus versions 6170 and below are susceptible to an Unauthenticated SQL Injection due to improper filter configuration. This allows an attacker to execute...

ZOHO ManageEngine Analytics Plus 安全漏洞

ZOHO ManageEngine Analytics Plus is a self-service IT analytics solution from ZOHO. Get a better view of your IT data with rich visualizations and dashboards. A SQL injection vulnerability exists in ZOHO ManageEngine Analytics Plus. An attacker can use this vulnerability to view, add, modify, or...

CVE-2025-9428

Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL Injection via the key update api...

CVE-2025-9428

Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL Injection via the key update api...

EUVD-2025-35160

Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL Injection via the key update api...

CVE-2025-9428 SQL Injection

Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL Injection via the key update api...

CVE-2025-9428 SQL Injection

Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL Injection via the key update api...

CVE-2025-9428

CVE-2025-9428 affects Zohocorp ManageEngine Analytics Plus prior to or at version 6171, with an authenticated SQL Injection via the key update API. Impact described across sources as potential unauthorized data exposure and database manipulation (HIGH risk per CVSS references). Public advisories ...

EUVD-2020-14409

Malware in sbrugna...

EUVD-2024-45993

Malicious code in bioql PyPI...

EUVD-2024-49730

Malicious code in bioql PyPI...

CVE-2024-9100

Zohocorp ManageEngine Analytics Plus versions before 5410 and Zoho Analytics On-Premise versions before 5410 are vulnerable to Path traversal...

CVE-2025-1724

Zohocorp's ManageEngine Analytics Plus and Zoho Analytics on-premise versions older than 6130 are vulnerable to an AD only account takeover because of a hardcoded sensitive token...

CVE-2025-1724

Affected products: Zohocorp’s ManageEngine Analytics Plus and Zoho Analytics on‑premise, versions older than 6130. Root cause: hardcoded sensitive token leading to an AD‑only account takeover. Impact: potential unauthorized AD account access; impact details are as described in the sources. Exploi...

ManageEngine Analytics Plus getOAToken Exposed Dangerous Method Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of ManageEngine Analytics Plus. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the getOAToken action. The issue results from an exposed...