CVE-2024-36485 | Zoho ManageEngine ADAudit Plus up to 8121 Technician Reports Option sql injection

Inserito da Angelo Barbosa | Nov 4, 2024 | CVE

A vulnerability classified as critical was found in Zoho ManageEngine ADAudit Plus up to 8121. Affected by this vulnerability is an unknown functionality of the component Technician Reports Option. The manipulation leads to sql injection.

This vulnerability is known as CVE-2024-36485. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-36485 | Zoho ManageEngine ADAudit Plus up to 8121 Technician Reports Option sql injection

Post correlati

CVE-2022-48787 | Linux Kernel up to 5.16.10 iwlwifi device_release_driver use after free

CVE-2024-48809 | Open Networking Foundation sdran-in-a-box/onos-a1t DeleteWatcher denial of service (Issue 206)

CVE-2024-41872 | Adobe Media Encoder up to 23.6.8/24.5 out-of-bounds (apsb24-53)

CVE-2024-3307 | HT Mega Plugin up to 2.4.9 on WordPress Countdown Widget cross site scripting