Zoho Corporation ManageEngine ADAudit Plus 7.2 7211
Approved changes feed: RSS · Atom
cpe:2.3:a:zohocorp:manageengine_adaudit_plus:7.2:7211:*:*:*:*:*:*
part: a version: 7.2 update: 7211
| Vendor | Zohocorp (4f1ab088-ab0e-54ac-b0dc-2304879a7502) |
|---|---|
| Product | Manageengine Adaudit Plus (3794d677-c3f5-5c1b-ba18-a97145cbdafa) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-36037 |
vulnerable | 2026-06-03 14:56:03.437746 |
Insufficient Access Control Vulnerability
MEDIUM (5.5)
Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session recordings.
Published: 2024-05-27T17:59:52.711Z
Updated: 2024-10-25T18:58:51.787Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-36036 |
vulnerable | 2026-06-03 14:56:03.432310 |
Insufficient Access Control Vulnerability
MEDIUM (4.2)
Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to access sensitive information and modifying the agent configuration.
Published: 2024-05-27T17:58:16.113Z
Updated: 2024-10-31T15:21:20.581Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-21791 |
vulnerable | 2026-06-03 14:54:50.773642 |
SQL Injection in ADAudit Plus
MEDIUM (4.7)
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection in lockout history option.
Note: Non-admin users cannot exploit this vulnerability.
Published: 2024-05-22T18:05:23.307Z
Updated: 2024-08-01T22:27:36.320Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-0269 |
vulnerable | 2026-06-03 14:54:02.054134 |
SQL Injection
HIGH (8.3)
ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in File-Summary DrillDown. This issue has been fixed and released in version 7271.
Published: 2024-02-02T13:05:35.762Z
Updated: 2024-08-01T17:41:16.415Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-0253 |
vulnerable | 2026-06-03 14:54:02.007868 |
SQL Injection
HIGH (8.3)
ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in home Graph-Data.
Published: 2024-02-02T12:50:35.088Z
Updated: 2024-08-01T17:41:16.062Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-6105 |
vulnerable | 2026-06-03 14:53:50.380833 |
ManageEngine Information Disclosure in Multiple Products
MEDIUM (5.5)
An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database passwords. This allows the user to access the ManageEngine product database.
Published: 2023-11-15T20:57:47.981Z
Updated: 2025-02-13T17:26:03.759Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-50785 |
vulnerable | 2026-06-03 14:53:31.419962 |
Details available
Zoho ManageEngine ADAudit Plus before 7270 allows admin users to view names of arbitrary directories via path traversal.
Published: 2024-01-25T00:00:00.000Z
Updated: 2024-10-28T00:16:23.874Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-49335 |
vulnerable | 2026-06-03 14:53:20.693177 |
Details available
HIGH (8.3)
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while getting file server details.
Published: 2024-05-20T17:55:49.809Z
Updated: 2024-08-02T21:53:44.995Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-49334 |
vulnerable | 2026-06-03 14:53:20.692413 |
Details available
HIGH (8.3)
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while exporting a full summary report.
Published: 2024-05-20T17:55:14.220Z
Updated: 2024-08-02T21:53:45.017Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-49333 |
vulnerable | 2026-06-03 14:53:20.691538 |
Details available
HIGH (8.3)
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the dashboard graph feature.
Published: 2024-05-20T17:51:50.719Z
Updated: 2024-08-02T21:53:45.406Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-49332 |
vulnerable | 2026-06-03 14:53:20.690626 |
Details available
HIGH (8.3)
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file shares.
Published: 2024-05-20T17:45:36.459Z
Updated: 2024-08-02T21:53:45.011Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-49331 |
vulnerable | 2026-06-03 14:53:20.689868 |
Details available
HIGH (8.3)
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the aggregate reports search option.
Published: 2024-05-20T17:35:49.217Z
Updated: 2024-08-02T21:53:44.930Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-49330 |
vulnerable | 2026-06-03 14:53:20.689062 |
Details available
HIGH (8.3)
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report data.
Published: 2024-05-20T12:19:59.734Z
Updated: 2024-08-02T21:53:45.218Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-48793 |
vulnerable | 2026-06-03 14:53:19.833965 |
Details available
Zoho ManageEngine ADAudit Plus through 7250 allows SQL Injection in the aggregate report feature.
Published: 2024-02-02T00:00:00.000Z
Updated: 2025-06-11T16:59:05.641Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-48792 |
vulnerable | 2026-06-03 14:53:19.831326 |
Details available
Zoho ManageEngine ADAudit Plus through 7250 is vulnerable to SQL Injection in the report export option.
Published: 2024-02-02T00:00:00.000Z
Updated: 2025-06-11T16:58:13.575Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.