Manageengine Adaudit Plus
35 CVEs affecting Manageengine Adaudit Plus. Latest disclosed: 2025-06-09. Critical: 0, High: 32.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-41444 | High | 8.3 | 2025-06-09 | Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the alerts module. |
CVE-2025-36528 | High | 8.3 | 2025-06-09 | Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in Service Account Auditing reports. |
CVE-2025-27709 | High | 8.3 | 2025-06-09 | Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the Service Account Auditing reports. |
CVE-2025-41407 | High | 8.3 | 2025-05-23 | Zohocorp ManageEngine ADAudit Plus versions below 8511 are vulnerable to SQL injection in the OU History report. |
CVE-2025-36527 | High | 8.3 | 2025-05-23 | Zohocorp ManageEngine ADAudit Plus versions below 8511 are vulnerable to SQL injection while exporting reports. |
CVE-2025-41403 | High | 8.3 | 2025-05-22 | Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection while fetching service account audit data. |
CVE-2025-3836 | High | 8.3 | 2025-05-22 | Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the logon events aggregate report. |
CVE-2024-49574 | High | 8.3 | 2024-11-18 | Zohocorp ManageEngine ADAudit Plus versions below 8123 are vulnerable to SQL Injection in the reports module. |
CVE-2024-36485 | High | 8.3 | 2024-11-04 | Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to SQL Injection in Technician reports option. |
CVE-2024-5608 | High | 8.3 | 2024-10-24 | Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to SQL Injection in the technician reports feature. |
CVE-2024-5586 | High | 8.3 | 2024-08-23 | Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in extranet lockouts report option. |
CVE-2024-5556 | High | 8.3 | 2024-08-23 | Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in reports module. |
CVE-2024-5490 | High | 8.3 | 2024-08-23 | Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in aggregate reports option. |
CVE-2024-5467 | High | 8.3 | 2024-08-23 | Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in account lockout report. |
CVE-2024-36517 | High | 8.3 | 2024-08-23 | Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in alerts module. |
CVE-2024-36516 | High | 8.3 | 2024-08-23 | Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different fr… |
CVE-2024-36515 | High | 8.3 | 2024-08-23 | Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard. Note: This vulnerability is different fr… |
CVE-2024-36514 | High | 8.3 | 2024-08-23 | Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in file summary option. |
CVE-2024-5527 | High | 8.3 | 2024-08-12 | Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in file auditing configuration. |
CVE-2024-5487 | High | 8.3 | 2024-08-12 | Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's export option. |