What the vulnerability does
01Description
Zohocorp ManageEngine Exchange Reporter Plus versions 5718 and prior are vulnerable to authenticated SQL Injection in reports module.
CVSS base score
8.3/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
Key dates
02Disclosure timeline
November 5, 2024
CVE published
November 5, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-5180 SourceCodester Simple Doctors Appointment System ajax.php sql injection
CVE-2025-8018 code-projects Food Ordering Review System reservation_page.php sql injection
CVE-2024-50544 WordPress RSVP ME plugin <= 1.9.9 - SQL Injection vulnerability
CVE-2026-7293 SourceCodester Pizzafy Ecommerce System ajax.php delete_category sql injection
CVE-2017-20249 WordPress Plugin Apptha Slider Gallery 1.0 SQL Injection
