CVE-2024-36518

Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's dashboard...

ManageEngine ADAudit Plus < Build 8110 Multiple Vulnerabilities

The version of ManageEngine ADAudit Plus installed on the remote host is prior to build 8110. It is, therefore, affected by multiple vulnerabilities. - Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's export option...

CVE-2024-5487

Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's export option...

CVE-2024-36518

Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's dashboard...

CVE-2024-36518 SQL Injection

Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's dashboard...

CVE-2024-5487 SQL Injection

Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's export option...

CVE-2024-5487

CVE-2024-5487 affects Zohocorp ManageEngine ADAudit Plus versions below 8110. It is an authenticated SQL Injection vulnerability in the attack surface analyzer’s export option, with CVSS: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD) and base score 8.8 HIGH. Red Hat and other feeds corroborate the is...

CVE-2024-5487 SQL Injection

Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's export option...

ZOHO ManageEngine ADAudit Plus 安全漏洞

ZOHO ManageEngine ADAudit Plus is used by ZOHO USA, Inc. to simplify auditing, prove compliance and detect threats. A security vulnerability exists in ZOHO ManageEngine ADAudit Plus version 8110 and prior versions, which stems from a vulnerability to authenticated SQL injection attacks in the...

ZOHO ManageEngine ADAudit Plus 安全漏洞

ZOHO ManageEngine ADAudit Plus is used by ZOHO USA, Inc. to simplify auditing, prove compliance and detect threats. A security vulnerability exists in ZOHO ManageEngine ADAudit Plus prior to version 8110, which stems from the vulnerability to authenticated SQL injection attacks in the Attack...

PT-2024-8780 · Zoho · Zoho Manageengine Adaudit Plus

Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine ADAudit Plus versions below 8110 Description: The issue is related to a lack of protection of the SQL query structure in the Windows Active Directory management and reporting tool. This can allow a remote attacker to...

PT-2024-8781 · Zohocorp · Zoho Manageengine Adaudit Plus

Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine ADAudit Plus versions below 8110 Description: The issue is related to a lack of protection in the SQL query structure, which can be exploited to execute custom queries and gain access to database table records. This is a...

Schneider Electric MiCOM S1 Studio Improper Authorization Vulnerability

Overview This advisory provides mitigation details for a vulnerability affecting the Schneider Electric MiCOM S1 Studio Software. Independent researcher Michael Toecker of Digital Bond has identified an improper authorization vulnerability in the MiCOM S1 Studio Software using the Microsoft Attac...

Microsoft Releases Attack Surface Analyzer Tool

Microsoft has released a public version of its internal Attack Surface Analyzer tool, which helps organizations identify changes to a system’s attack surface as new applications are added. The tool has been in beta for a few months, but this is the first official release. The Attack Surface...