Adaudit Plus
Approved changes feed: RSS · Atom
cpe:2.3:a:manageengine:adaudit_plus:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Manageengine (b7eba64e-d5d7-5395-be8c-84fe138ee37e) |
|---|---|
| Product | Adaudit Plus (1c8908d4-07a3-5e58-88b0-2712eefbce9f) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-41444 |
vulnerable | 2026-06-03 15:01:14.901020 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the alerts module.
Published: 2025-06-09T11:14:58.186Z
Updated: 2025-06-09T13:05:30.719Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-41407 |
vulnerable | 2026-06-03 15:01:14.819306 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine ADAudit Plus versions below 8511 are vulnerable to SQL injection in the OU History report.
Published: 2025-05-23T10:29:58.652Z
Updated: 2025-05-23T11:57:14.276Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-41403 |
vulnerable | 2026-06-03 15:01:14.812186 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection while fetching service account audit data.
Published: 2025-05-22T10:39:59.813Z
Updated: 2025-05-22T18:13:43.312Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-3836 |
vulnerable | 2026-06-03 15:01:05.754248 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the logon events aggregate report.
Published: 2025-05-22T10:38:26.473Z
Updated: 2025-05-22T18:21:44.623Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-3834 |
vulnerable | 2026-06-03 15:01:05.732012 |
SQL Injection
HIGH (8.1)
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the OU History report.
Published: 2025-05-14T11:05:34.690Z
Updated: 2025-05-14T13:28:48.403Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-36528 |
vulnerable | 2026-06-03 15:00:53.560734 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in Service Account Auditing reports.
Published: 2025-06-09T11:12:14.531Z
Updated: 2025-06-09T13:05:48.597Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-36527 |
vulnerable | 2026-06-03 15:00:53.557083 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine ADAudit Plus versions below 8511 are vulnerable to SQL injection while exporting reports.
Published: 2025-05-23T10:28:24.153Z
Updated: 2025-05-23T12:05:28.836Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-27709 |
vulnerable | 2026-06-03 15:00:13.050862 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the Service Account Auditing reports.
Published: 2025-06-09T11:04:38.114Z
Updated: 2025-06-09T15:39:11.883Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-5608 |
vulnerable | 2026-06-03 14:57:53.392337 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to SQL Injection in the technician reports feature.
Published: 2024-10-24T11:42:44.789Z
Updated: 2024-10-24T13:55:28.297Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-5586 |
vulnerable | 2026-06-03 14:57:53.340849 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in extranet lockouts report option.
Published: 2024-08-23T13:54:53.458Z
Updated: 2024-08-23T14:40:48.724Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-5556 |
vulnerable | 2026-06-03 14:57:53.255424 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in reports module.
Published: 2024-08-23T13:52:28.522Z
Updated: 2024-08-23T14:41:47.195Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-5527 |
vulnerable | 2026-06-03 14:57:53.038840 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in file auditing configuration.
Published: 2024-08-12T05:31:09.050Z
Updated: 2024-08-16T04:01:40.638Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-5490 |
vulnerable | 2026-06-03 14:57:52.957684 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in aggregate reports option.
Published: 2024-08-23T13:44:08.468Z
Updated: 2024-08-23T14:43:05.433Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-5487 |
vulnerable | 2026-06-03 14:57:52.949158 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's export option.
Published: 2024-08-12T07:04:12.610Z
Updated: 2024-08-16T14:02:11.147Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-5467 |
vulnerable | 2026-06-03 14:57:52.901587 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in account lockout report.
Published: 2024-08-23T13:28:28.419Z
Updated: 2024-08-23T15:22:32.247Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-49574 |
vulnerable | 2026-06-03 14:57:12.715409 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine ADAudit Plus versions below 8123 are vulnerable to SQL Injection in the reports module.
Published: 2024-11-18T07:55:13.332Z
Updated: 2024-11-26T14:45:29.910Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-36518 |
vulnerable | 2026-06-03 14:56:04.856651 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine ADAudit Plus versions below 8110 are vulnerable to authenticated SQL Injection in attack surface analyzer's dashboard.
Published: 2024-08-12T07:13:49.843Z
Updated: 2024-08-16T04:01:43.100Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-36517 |
vulnerable | 2026-06-03 14:56:04.856269 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in alerts module.
Published: 2024-08-23T13:34:01.453Z
Updated: 2024-08-23T15:21:13.955Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-36516 |
vulnerable | 2026-06-03 14:56:04.855801 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard.
Note: This vulnerability is different from another vulnerability (CVE-2024-36515), both of which have affected ADAudit Plus' dashboard.
Published: 2024-08-23T13:36:05.237Z
Updated: 2024-08-23T15:20:14.680Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-36515 |
vulnerable | 2026-06-03 14:56:04.855330 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard.
Note: This vulnerability is different from another vulnerability (CVE-2024-36516), both of which have affected ADAudit Plus' dashboard.
Published: 2024-08-23T13:37:02.810Z
Updated: 2024-08-23T14:45:08.096Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-36514 |
vulnerable | 2026-06-03 14:56:04.854830 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in file summary option.
Published: 2024-08-23T13:37:56.318Z
Updated: 2024-08-23T14:44:02.846Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-36485 |
vulnerable | 2026-06-03 14:56:04.664718 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to SQL Injection in Technician reports option.
Published: 2024-11-04T11:13:02.838Z
Updated: 2024-11-07T11:02:05.293Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-36037 |
vulnerable | 2026-06-03 14:56:03.437582 |
Insufficient Access Control Vulnerability
MEDIUM (5.5)
Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to view the session recordings.
Published: 2024-05-27T17:59:52.711Z
Updated: 2024-10-25T18:58:51.787Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-36036 |
vulnerable | 2026-06-03 14:56:03.427612 |
Insufficient Access Control Vulnerability
MEDIUM (4.2)
Zoho ManageEngine ADAudit Plus versions 7260 and below allows unauthorized local agent machine users to access sensitive information and modifying the agent configuration.
Published: 2024-05-27T17:58:16.113Z
Updated: 2024-10-31T15:21:20.581Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-36035 |
vulnerable | 2026-06-03 14:56:03.425874 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in user session recording.
Published: 2024-08-12T07:19:54.491Z
Updated: 2024-08-12T13:48:39.216Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-36034 |
vulnerable | 2026-06-03 14:56:03.421610 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine ADAudit Plus versions below 8003 are vulnerable to authenticated SQL Injection in aggregate reports' search option.
Published: 2024-08-12T07:23:17.212Z
Updated: 2024-08-12T12:27:27.466Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-21791 |
vulnerable | 2026-06-03 14:54:50.769694 |
SQL Injection in ADAudit Plus
MEDIUM (4.7)
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection in lockout history option.
Note: Non-admin users cannot exploit this vulnerability.
Published: 2024-05-22T18:05:23.307Z
Updated: 2024-08-01T22:27:36.320Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-0269 |
vulnerable | 2026-06-03 14:54:02.053984 |
SQL Injection
HIGH (8.3)
ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in File-Summary DrillDown. This issue has been fixed and released in version 7271.
Published: 2024-02-02T13:05:35.762Z
Updated: 2024-08-01T17:41:16.415Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-0253 |
vulnerable | 2026-06-03 14:54:02.004075 |
SQL Injection
HIGH (8.3)
ManageEngine ADAudit Plus versions 7270 and below are vulnerable to the Authenticated SQL injection in home Graph-Data.
Published: 2024-02-02T12:50:35.088Z
Updated: 2024-08-01T17:41:16.062Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-49335 |
vulnerable | 2026-06-03 14:53:20.692986 |
Details available
HIGH (8.3)
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while getting file server details.
Published: 2024-05-20T17:55:49.809Z
Updated: 2024-08-02T21:53:44.995Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-49334 |
vulnerable | 2026-06-03 14:53:20.692239 |
Details available
HIGH (8.3)
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while exporting a full summary report.
Published: 2024-05-20T17:55:14.220Z
Updated: 2024-08-02T21:53:45.017Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-49333 |
vulnerable | 2026-06-03 14:53:20.691367 |
Details available
HIGH (8.3)
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the dashboard graph feature.
Published: 2024-05-20T17:51:50.719Z
Updated: 2024-08-02T21:53:45.406Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-49332 |
vulnerable | 2026-06-03 14:53:20.690457 |
Details available
HIGH (8.3)
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file shares.
Published: 2024-05-20T17:45:36.459Z
Updated: 2024-08-02T21:53:45.011Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-49331 |
vulnerable | 2026-06-03 14:53:20.689693 |
Details available
HIGH (8.3)
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the aggregate reports search option.
Published: 2024-05-20T17:35:49.217Z
Updated: 2024-08-02T21:53:44.930Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-49330 |
vulnerable | 2026-06-03 14:53:20.688859 |
Details available
HIGH (8.3)
Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report data.
Published: 2024-05-20T12:19:59.734Z
Updated: 2024-08-02T21:53:45.218Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-48793 |
vulnerable | 2026-06-03 14:53:19.833794 |
Details available
Zoho ManageEngine ADAudit Plus through 7250 allows SQL Injection in the aggregate report feature.
Published: 2024-02-02T00:00:00.000Z
Updated: 2025-06-11T16:59:05.641Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-48792 |
vulnerable | 2026-06-03 14:53:19.827072 |
Details available
Zoho ManageEngine ADAudit Plus through 7250 is vulnerable to SQL Injection in the report export option.
Published: 2024-02-02T00:00:00.000Z
Updated: 2025-06-11T16:58:13.575Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.