CVE-2024-36485 | Zoho ManageEngine ADAudit Plus up to 8121 Technician Reports Option sql injection

Inserito da Angelo Barbosa | Nov 4, 2024 | CVE

A vulnerability classified as critical was found in Zoho ManageEngine ADAudit Plus up to 8121. Affected by this vulnerability is an unknown functionality of the component Technician Reports Option. The manipulation leads to sql injection.

This vulnerability is known as CVE-2024-36485. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-36485 | Zoho ManageEngine ADAudit Plus up to 8121 Technician Reports Option sql injection

Post correlati

CVE-2023-28876 | Afian Filerun up to 20220202 access control

CVE-2023-49819 | Gordon Böhme & Antonio Leutsch Structured Content JSON-LD wpsc Plugin up to 1.5.3 on WordPress deserialization

CVE-2023-50208 | D-Link G416 ovpncfg stack-based overflow (ZDI-23-1824)

CVE-2024-27848 | Apple iOS/iPadOS App permission