What the vulnerability does
01Description
Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection in the reports module.
CVSS base score
8.3/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
Key dates
02Disclosure timeline
August 30, 2024
CVE published
August 30, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-35678 WordPress Contact Form to DB by BestWebSoft plugin <= 1.7.2 - SQL Injection vulnerability
CVE-2024-2283 boyiddha Automated-Mess-Management-System view.php sql injection
CVE-2023-28437 SQL injection vulnerability due to the keyword blacklist for defending against SQL injection will be bypassed
CVE-2022-2262 Online Hotel Booking System Room edit_all_room.php sql injection
CVE-2024-11460 Verowa Connect <= 3.0.1 - Unauthenticated SQL Injection
