Exchange Reporter Plus
Approved changes feed: RSS · Atom
cpe:2.3:a:manageengine:exchange_reporter_plus:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Manageengine (b7eba64e-d5d7-5395-be8c-84fe138ee37e) |
|---|---|
| Product | Exchange Reporter Plus (135540a5-caf9-5d8f-a3fb-24fc9d5ec95a) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-5966 |
vulnerable | 2026-06-03 15:07:55.140962 |
Stored XSS
HIGH (8.1)
Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Attachments by filename keyword report.
Published: 2025-06-26T12:22:10.367Z
Updated: 2025-06-26T12:54:07.728Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-5366 |
vulnerable | 2026-06-03 15:06:27.671091 |
Stored XSS
HIGH (8.1)
Zohocorp ManageEngine Exchange reporter Plus version 5722 and below are vulnerable to Stored XSS in the Folder-wise read mails with subject report.
Published: 2025-06-26T12:21:02.567Z
Updated: 2025-06-26T12:54:40.737Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-3835 |
vulnerable | 2026-06-03 15:01:05.736089 |
Remote Code Execution
CRITICAL (9.6)
Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and prior are vulnerable to Remote code execution in the Content Search module.
Published: 2025-06-09T10:29:18.379Z
Updated: 2026-02-26T17:51:06.541Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-9459 |
vulnerable | 2026-06-03 14:58:21.528446 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine Exchange Reporter Plus versions 5718 and prior are vulnerable to authenticated SQL Injection in reports module.
Published: 2024-11-05T05:44:57.368Z
Updated: 2024-11-05T16:24:05.731Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-6204 |
vulnerable | 2026-06-03 14:58:02.180661 |
SQL injection
HIGH (8.3)
Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection in the reports module.
Published: 2024-08-30T17:10:07.783Z
Updated: 2024-08-30T18:05:36.513Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-38872 |
vulnerable | 2026-06-03 14:56:19.945496 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine Exchange Reporter Plus versions 5717 and below are vulnerable to the authenticated SQL injection in the monitoring module.
Published: 2024-07-26T17:30:23.932Z
Updated: 2024-08-02T04:19:20.244Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-38871 |
vulnerable | 2026-06-03 14:56:19.932908 |
SQL Injection
HIGH (8.3)
Zohocorp ManageEngine Exchange Reporter Plus versions 5717 and below are vulnerable to the authenticated SQL injection in the reports module.
Published: 2024-07-26T17:29:42.911Z
Updated: 2024-08-02T04:19:20.491Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-21775 |
vulnerable | 2026-06-03 14:54:50.700075 |
SQL Injection
HIGH (8.3)
Zoho ManageEngine Exchange Reporter Plus versions 5714 and below are vulnerable to the Authenticated SQL injection in report exporting feature.
Published: 2024-02-16T14:35:11.451Z
Updated: 2024-08-21T14:44:14.705Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.