CVE-2024-36517

Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in alerts module...

CVE-2024-36517

Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in alerts module...

CVE-2024-36516

Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different from another vulnerability CVE-2024-36515, both of which have affected ADAudit Plus' dashboard...

CVE-2024-36514

Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in file summary option...

CVE-2024-36515

CVE-2024-36515 affects Zohocorp ManageEngine ADAudit Plus versions below 8000. The issue is an authenticated SQL injection in the dashboard component, due to improper handling of inputs in dashboard queries. The impact is described as high in the CVE entries. No remediation steps are provided in ...

PT-2024-27043 · Zohocorp Manageengine · Adaudit Plus

Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine ADAudit Plus versions below 8000 Description: The issue is related to an authenticated SQL injection in the dashboard of ADAudit Plus. This vulnerability is distinct from another issue affecting the same dashboard...

CVE-2024-5487

Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's export option...

ZOHO ManageEngine ADAudit Plus 安全漏洞

ZOHO ManageEngine ADAudit Plus is used by ZOHO USA, Inc. to simplify auditing, prove compliance and detect threats. A security vulnerability exists in ZOHO ManageEngine ADAudit Plus version 8110 and prior versions, which stems from a vulnerability to authenticated SQL injection attacks in the...

Computer Laboratory Management 1.0 SQL Injection

Exploit Title: Computer Laboratory Management - SQL Injection Authenticated Date: 11/08/2024 Exploit Author: Mert Kuvvet Vendor Homepage: https://www.sourcecodester.com/php/17268/computer-laboratory-management-system-using-php-and-mysql.html Software Link:...

CVE-2024-6748

Zohocorp ManageEngine OpManager, OpManager Plus, OpManager MSP and RMM versions 128317 and below are vulnerable to authenticated SQL injection in the URL monitoring...

PT-2024-37844 · Zoho · Opmanager Plus +3

Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine OpManager, OpManager Plus, OpManager MSP and RMM versions 128317 and below Description: The issue concerns an authenticated SQL injection vulnerability in the URL monitoring feature. Recommendations: For versions 128317...

CVE-2024-38871

Zohocorp ManageEngine Exchange Reporter Plus versions 5717 and below are vulnerable to the authenticated SQL injection in the reports module...

CVE-2024-38872

Zohocorp ManageEngine Exchange Reporter Plus versions 5717 and below are vulnerable to the authenticated SQL injection in the monitoring module...

CVE-2024-21775

Zoho ManageEngine Exchange Reporter Plus versions 5714 and below are vulnerable to the Authenticated SQL injection in report exporting feature...

CVE-2024-0253

ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in home Graph-Data...

CVE-2024-0269

ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in File-Summary DrillDown. This issue has been fixed and released in version 7271...

CVE-2024-0253 SQL Injection

ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in home Graph-Data...

Ivanti Addresses Critical Vulnerability in Endpoint Manager

Summary: Ivanti addressed a critical vulnerability CVE-2023-39336 in its Endpoint Management software, ensuring secure usage for its 40,000 worldwide customers. The flaw, resolved in version 2022 Service Update 5, posed a risk of pre-authenticated sql injection and possibly Remote Code Injection ...

CVE-2023-44482

Leave Management System Project v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'setsickleave' parameter of the admin/setleaves.php resource does not validate the characters received and they are sent unfiltered to the database...

CVE-2023-44482 Leave Management System Project v1.0 - Multiple Authenticated SQL Injections (SQLi)

Leave Management System Project v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'setsickleave' parameter of the admin/setleaves.php resource does not validate the characters received and they are sent unfiltered to the database...