Filtered by vendor Zohocorp Subscriptions
Total 496 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-38868 1 Zohocorp 1 Manageengine Endpoint Central 2024-09-04 7.6 High
Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability while isolating the devices.This issue affects Endpoint Central: before 11.3.2406.08 and before 11.3.2400.15
CVE-2024-38869 1 Zohocorp 4 Manageengine Endpoint Central, Manageengine Servicedesk Plus, Manageengine Servicedesk Plus Msp and 1 more 2024-08-30 8.3 High
Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability in remote office deploy configurations.This issue affects Endpoint Central: before 11.3.2416.04 and before 11.3.2400.25.
CVE-2024-5586 2 Manageengine, Zohocorp 2 Adaudit Plus, Manageengine Adaudit Plus 2024-08-27 8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in extranet lockouts report option.
CVE-2024-5556 2 Manageengine, Zohocorp 2 Adaudit Plus, Manageengine Adaudit Plus 2024-08-27 8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in reports module.
CVE-2024-5490 2 Manageengine, Zohocorp 2 Adaudit Plus, Manageengine Adaudit Plus 2024-08-27 8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in aggregate reports option.
CVE-2024-5467 2 Manageengine, Zohocorp 2 Adaudit Plus, Manageengine Adaudit Plus 2024-08-27 8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in account lockout report.
CVE-2024-41150 1 Zohocorp 3 Manageengine Servicedesk Plus, Manageengine Servicedesk Plus Msp, Manageengine Supportcenter Plus 2024-08-27 6.3 Medium
An Stored Cross-site Scripting vulnerability in request module affects Zohocorp ManageEngine ServiceDesk Plus, ServiceDesk Plus MSP and SupportCenter Plus.This issue affects ServiceDesk Plus versions: through 14810; ServiceDesk Plus MSP: through 14800; SupportCenter Plus: through 14800.
CVE-2024-36517 2 Manageengine, Zohocorp 2 Adaudit Plus, Manageengine Adaudit Plus 2024-08-27 8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in alerts module.
CVE-2024-36516 2 Manageengine, Zohocorp 2 Adaudit Plus, Manageengine Adaudit Plus 2024-08-27 8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different from another vulnerability (CVE-2024-36515), both of which have affected ADAudit Plus' dashboard.
CVE-2024-36514 2 Manageengine, Zohocorp 2 Adaudit Plus, Manageengine Adaudit Plus 2024-08-27 8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in file summary option.
CVE-2024-36515 2 Manageengine, Zohocorp 2 Adaudit Plus, Manageengine Adaudit Plus 2024-08-27 8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different from another vulnerability (CVE-2024-36516), both of which have affected ADAudit Plus' dashboard.
CVE-2024-5527 2 Manageengine, Zohocorp 2 Adaudit Plus, Manageengine Adaudit Plus 2024-08-16 8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in file auditing configuration.
CVE-2024-36035 2 Manageengine, Zohocorp 2 Adaudit Plus, Manageengine Adaudit Plus 2024-08-16 8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in user session recording.
CVE-2024-5487 2 Manageengine, Zohocorp 2 Adaudit Plus, Manageengine Adaudit Plus 2024-08-16 8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's export option.
CVE-2024-36034 2 Manageengine, Zohocorp 2 Adaudit Plus, Manageengine Adaudit Plus 2024-08-16 8.3 High
Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in aggregate reports' search option.
CVE-2024-5678 1 Zohocorp 1 Manageengine Applications Manager 2024-08-15 4.7 Medium
Zohocorp ManageEngine Applications Manager versions 170900 and below are vulnerable to the authenticated admin-only SQL Injection in the Create Monitor feature.