Zoho Corporation ManageEngine ADAudit Plus 8.1 8124

CPE Details

Zoho Corporation ManageEngine ADAudit Plus 8.1 8124
zohocorp
manageengine_adaudit_plus
8.1
2025-05-12
16h02 +00:00
2025-05-12
16h02 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:zohocorp:manageengine_adaudit_plus:8.1:8124:*:*:*:*:*:*

Informations

Vendor

zohocorp

Product

manageengine_adaudit_plus

Version

8.1

Update

8124

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2025-41444 2025-06-09 11h14 +00:00 Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the alerts module.
8.3
High
CVE-2025-36528 2025-06-09 11h12 +00:00 Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in Service Account Auditing reports.
8.3
High
CVE-2025-27709 2025-06-09 11h04 +00:00 Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the Service Account Auditing reports.
8.3
High
CVE-2025-41407 2025-05-23 10h29 +00:00 Zohocorp ManageEngine ADAudit Plus versions below 8511 are vulnerable to SQL injection in the OU History report.
8.3
High
CVE-2025-36527 2025-05-23 10h28 +00:00 Zohocorp ManageEngine ADAudit Plus versions below 8511 are vulnerable to SQL injection while exporting reports.
8.3
High
CVE-2025-41403 2025-05-22 10h39 +00:00 Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection while fetching service account audit data.
8.3
High
CVE-2025-3836 2025-05-22 10h38 +00:00 Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the logon events aggregate report.
8.3
High
CVE-2025-3834 2025-05-14 11h05 +00:00 Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the OU History report.
8.1
High
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.