CVE-2025-9428 | Zoho ManageEngine Analytics Plus up to 6171 Key Update API sql injection

Inserito da Angelo Barbosa | Ott 21, 2025 | CVE

A vulnerability has been found in Zoho ManageEngine Analytics Plus up to 6171 and classified as critical. This impacts an unknown function of the component Key Update API. The manipulation leads to sql injection.

This vulnerability is traded as CVE-2025-9428. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2025-9428 | Zoho ManageEngine Analytics Plus up to 6171 Key Update API sql injection

Post correlati

CVE-2024-29466 | lsgwr Spring Boot Online Exam 0.9 FileTransUtil.java path traversal

CVE-2023-32484 | Dell Enterprise SONiC OS input validation (dsa-2023-284)

CVE-2024-2753 | Concrete CMS up to 8.5.15/9.2.7 Calendar Color Settings Screen cross site scripting

CVE-2024-4365 | mdempfle Advanced iFrame Plugin up to 2024.3 on WordPress add_iframe_url_as_param_direct cross site scripting