Lucene search
K

20 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-52825

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.06951EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-35849

Malicious code in bioql PyPI...

5.5CVSS5.8AI score0.00458EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-53317

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.03005EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-53319

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.03005EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:42 a.m.12 views

CVE-2023-48792

Zoho ManageEngine ADAudit Plus through 7250 is vulnerable to SQL Injection in the report export option...

9.8CVSS8AI score0.06951EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 4:42 a.m.21 views

CVE-2023-48793

Zoho ManageEngine ADAudit Plus through 7250 allows SQL Injection in the aggregate report feature...

9.8CVSS8.2AI score0.06951EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/05/09 12:0 a.m.4 views

PT-2025-24424 · Zoho · Zoho Manageengine Adaudit Plus

Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine ADAudit Plus versions 8510 and prior Description: The issue is related to authenticated SQL injection in the alerts module. Recommendations: For versions 8510 and prior, consider disabling the alerts module until a patch...

8.7CVSS7.2AI score0.01277EPSS
Exploits0References7
CVE
CVE
added 2024/05/27 5:59 p.m.78 views

CVE-2024-36037

Zoho ManageEngine ADAudit Plus (Windows AD management tool) is affected by CVE-2024-36037 due to an insufficient access control flaw. Versions 7260 and below expose session recordings to unauthorized local agent machine users. The root cause is improper access control, enabling viewing of other u...

5.5CVSS6.5AI score0.00458EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/05/27 5:59 p.m.30 views

CVE-2024-36037 Insufficient Access Control Vulnerability

Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session recordings...

5.5CVSS5.3AI score0.00458EPSS
Exploits0References1
CVE
CVE
added 2024/05/22 6:5 p.m.68 views

CVE-2024-21791

CVE-2024-21791 affects Zoho ManageEngine ADAudit Plus versions below 7271, where a SQL injection in the Lock History option is possible. Root cause: input handling in the lockout history path enables SQL injection. Impact stated in sources includes high confidentiality, integrity, and availabilit...

7.2CVSS5.4AI score0.02152EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/20 5:45 p.m.14 views

CVE-2023-49332

Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file shares...

8.3CVSS8AI score0.03005EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/02/02 12:0 a.m.19 views

CVE-2023-48792

Zoho ManageEngine ADAudit Plus through 7250 is vulnerable to SQL Injection in the report export option...

8AI score0.06951EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/08/07 12:0 a.m.14 views

CVE-2023-32783

The event analysis component in Zoho ManageEngine ADAudit Plus 7.1.1 allows an attacker to bypass audit detection by creating or renaming user accounts with a "$" symbol suffix. NOTE: the vendor states "We do not consider this as a security bug and it's an expected behaviour."...

6.9AI score0.03205EPSS
Exploits1References1
Prion
Prion
added 2022/04/05 7:15 p.m.13 views

Privilege escalation

Zoho ManageEngine ADAudit Plus before 7055 allows authenticated Privilege Escalation on Integrated products. This occurs because a password field is present in a JSON response...

6.5CVSS8.6AI score0.01092EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/04/05 6:32 p.m.238 views

CVE-2022-28219

Summary of CVE-2022-28219 findings (Zoho ManageEngine ADAudit Plus) : ADAudit Plus versions before build 7060 are vulnerable to an unauthenticated XML External Entity (XXE) injection and a path traversal in the /cewolf endpoint, enabling remote code execution. Public advisories (and multiple secu...

9.8CVSS9.5AI score0.97011EPSS
In wildExploits6References5Affected Software1
Cvelist
Cvelist
added 2022/04/05 6:24 p.m.26 views

CVE-2022-24978

Zoho ManageEngine ADAudit Plus before 7055 allows authenticated Privilege Escalation on Integrated products. This occurs because a password field is present in a JSON response...

8.9AI score0.01092EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/04/05 12:0 a.m.5 views

ZOHO ManageEngine ADAudit Plus 安全漏洞

An elevation of privilege vulnerability previously existed in Zoho ManageEngine ADAudit Plus 7055, which stems from the presence of a password field in a JSON response that an attacker could could use this vulnerability to perform an authenticated elevation of privilege on the integrated product...

8.8CVSS5.7AI score0.01092EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/04/05 12:0 a.m.6 views

PT-2022-3394 · Zoho · Zoho Manageengine Adaudit Plus

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ADAudit Plus versions prior to 7060 Description: The issue is related to the cewolf component in Zoho ManageEngine ADAudit Plus, which is vulnerable to an unauthenticated XXE attack due to incorrect restriction of XML extern...

10CVSS9.6AI score0.97011EPSS
Exploits6References30
Prion
Prion
added 2018/05/29 8:29 p.m.13 views

Sql injection

Zoho ManageEngine ADAudit Plus before 5.0.0 build 5100 allows blind SQL Injection...

7.5CVSS9.6AI score0.08318EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2018/05/29 8:0 p.m.49 views

CVE-2018-10466

Zoho ManageEngine ADAudit Plus is affected by CVE-2018-10466: a SQL injection vulnerability in ADAudit Plus before version 5.0.0 build 5100. Root cause is unsafe handling of input that enables blind SQL injection, allowing a remote attacker to execute arbitrary SQL commands (impacting confidentia...

9.8CVSS9.6AI score0.08318EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder