📦 Manageengine Adaudit Plus
by Zohocorp
🔍 What is Manageengine Adaudit Plus?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This vulnerability allows attackers to execute arbitrary SQL commands through the report export feature in Zoho ManageEngine ADAudit Plus. Organizations using affected versions are at risk of data the...
CVE-2022-28219 is an unauthenticated XML External Entity (XXE) vulnerability in Cewolf within Zoho ManageEngine ADAudit Plus that allows remote attackers to execute arbitrary code on affected systems....
CVE-2025-41444 is an authenticated SQL injection vulnerability in Zohocorp ManageEngine ADAudit Plus that allows authenticated attackers to execute arbitrary SQL commands. This affects organizations u...
CVE-2025-27709 is an authenticated SQL injection vulnerability in Zohocorp ManageEngine ADAudit Plus that allows authenticated attackers to execute arbitrary SQL commands through Service Account Audit...
This SQL injection vulnerability in ManageEngine ADAudit Plus allows attackers to execute arbitrary SQL commands through the OU History report feature. Attackers could potentially access, modify, or d...
This SQL injection vulnerability in ManageEngine ADAudit Plus allows attackers to execute arbitrary SQL commands when exporting reports. Organizations using versions below 8511 are affected, potential...
This vulnerability allows authenticated attackers to execute arbitrary SQL commands through the logon events aggregate report in ManageEngine ADAudit Plus. Attackers could potentially access, modify, ...
This vulnerability allows authenticated attackers to execute arbitrary SQL commands through the OU History report feature in ManageEngine ADAudit Plus. Attackers with valid credentials can potentially...
This SQL injection vulnerability in ManageEngine ADAudit Plus allows attackers to execute arbitrary SQL commands through the reports module. Organizations using ADAudit Plus versions below 8123 are af...
This SQL injection vulnerability in ManageEngine ADAudit Plus allows attackers to execute arbitrary SQL commands through the Technician reports option. Organizations using affected versions are at ris...
This SQL injection vulnerability in ManageEngine ADAudit Plus allows attackers to execute arbitrary SQL commands through the technician reports feature. Organizations using versions below 8121 are aff...
This vulnerability allows authenticated attackers to execute arbitrary SQL commands through the aggregate reports feature in ManageEngine ADAudit Plus. Attackers could potentially read, modify, or del...
This vulnerability allows authenticated attackers to execute arbitrary SQL commands through the extranet lockouts report feature in ManageEngine ADAudit Plus. Attackers could potentially read, modify,...
This vulnerability allows authenticated attackers to execute arbitrary SQL commands in ManageEngine ADAudit Plus dashboard. Attackers with valid credentials can potentially access, modify, or delete d...
This vulnerability allows authenticated attackers to execute arbitrary SQL commands through the file summary option in ManageEngine ADAudit Plus. Attackers could potentially read, modify, or delete da...
This vulnerability allows authenticated attackers to execute arbitrary SQL commands through the attack surface analyzer's export option in ManageEngine ADAudit Plus. Attackers could potentially access...
This vulnerability allows authenticated attackers to execute arbitrary SQL commands through the attack surface analyzer's dashboard in ManageEngine ADAudit Plus. Attackers could potentially read, modi...
This vulnerability allows authenticated attackers to execute arbitrary SQL commands through the aggregate reports' search option in ManageEngine ADAudit Plus. Attackers could potentially access, modif...
This SQL injection vulnerability in Zoho ManageEngine ADAudit Plus allows attackers to execute arbitrary SQL commands when adding file shares. Affected organizations running versions below 7271 could ...
This SQL injection vulnerability in Zoho ManageEngine ADAudit Plus allows attackers to execute arbitrary SQL commands when exporting full summary reports. Organizations using affected versions are at ...
This vulnerability allows authenticated attackers to execute arbitrary SQL commands in ManageEngine ADAudit Plus. Attackers with valid credentials can potentially access, modify, or delete database in...
This vulnerability allows attackers to bypass audit detection in Zoho ManageEngine ADAudit Plus by creating or renaming user accounts with a '$' suffix. This affects organizations using ADAudit Plus f...
This vulnerability in Zoho ManageEngine ADAudit Plus allows authenticated users to escalate privileges on integrated products by extracting passwords from JSON responses. It affects organizations usin...
This vulnerability in Zoho ManageEngine ADAudit Plus allows unauthorized local users on agent machines to view session recordings. It affects organizations using ADAudit Plus version 7260 and below fo...