CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

56 matches found

EUVD•added 2026/04/16 3:31 p.m.•2 views

EUVD-2026-23239

Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQL injection in the query report module...

8.1CVSS5.9AI score0.00028EPSS

Exploits0References2

NVD•added 2026/04/16 2:16 p.m.•0 views

CVE-2026-5785

Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQL injection in the query report module...

8.1CVSS0.00028EPSS

Exploits0References1

CVE•added 2026/04/16 1:46 p.m.•3 views

CVE-2026-5785

The CVE-2026-5785 issue affects Zohocorp ManageEngine PAM360 (versions before 8531) and ManageEngine Password Manager Pro (versions 8600 to 13230). The vulnerability is an Authenticated SQL injection in the query report module, allowing an attacker with LOW privileges and no user interaction to t...

8.1CVSS5.9AI score0.00028EPSS

Exploits0References1

Cvelist•added 2026/04/16 1:46 p.m.•23 views

CVE-2026-5785 SQL Injection

Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQL injection in the query report module...

8.1CVSS0.00028EPSS

Exploits0References1

ATTACKERKB•added 2026/04/16 1:46 p.m.•2 views

CVE-2026-5785

Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQL injection in the query report module...

8.1CVSS5.9AI score0.00028EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/04/16 1:46 p.m.•3 views

CVE-2026-5785 SQL Injection

Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQL injection in the query report module...

8.1CVSS5.9AI score0.00028EPSS

Exploits0References1

Positive Technologies•added 2026/04/16 12:0 a.m.•1 views

PT-2026-33319

Name of the Vulnerable Software and Affected Versions ManageEngine PAM360 versions prior to 8531 ManageEngine Password Manager Pro versions 8600 through 13230 Description An authenticated SQL injection exists in the query report module. SQL injection is a type of flaw that allows an attacker to...

8.1CVSS5.8AI score0.00028EPSS

Exploits0References6

CVE•added 2026/03/19 10:37 p.m.•5 views

CVE-2026-29096

SuiteCRM 7.15.x and 8.9.x are affected by CVE-2026-29096 due to unsanitized handling of the field_function parameter in AOR_Reports. When creating or editing a report, the POST field_function value is saved into the aor_fields table without validation, and later concatenated directly into a SQL S...

8.1CVSS6AI score0.00014EPSS

Exploits0References2Affected Software1

RedhatCVE•added 2026/01/09 12:10 p.m.•5 views

CVE-2018-18406

An issue was discovered in Tufin SecureTrack 18.1 with TufinOS 2.16 build 1179Final. The Audit Report module is affected by a blind XXE vulnerability when a new Best Practices Report is saved using a special payload inside the xml input field. The XXE vulnerability is blind since the response...

9.9CVSS6.7AI score0.00653EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 11:51 a.m.•4 views

CVE-2009-4990

Cross-site scripting XSS vulnerability in the Webform report module 5.x and 6.x for Drupal allows remote attackers to inject arbitrary web script or HTML via a submission...

4.3CVSS5.9AI score0.00246EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:57 a.m.•1 views

CVE-2022-38538

Archery v1.7.0 to v1.8.5 was discovered to contain a SQL injection vulnerability via the checksum parameter in the report module...

9.8CVSS8.4AI score0.00322EPSS

Exploits0References1

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-177425

Malicious code in optimize-report-pi-module-hash npm...

6.6AI score

Exploits0