What the vulnerability does
01Description
Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the logon events aggregate report.
CVSS base score
8.3/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
Key dates
02Disclosure timeline
May 22, 2025
CVE published
May 22, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-25238 PEAR is Vulnerable to SQL Injection in Bug Subscription Deletion via Weak Email Validation
CVE-2024-7374 SourceCodester Simple Realtime Quiz System manage_user.php sql injection
CVE-2023-41884 ZoneMinder Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in watch.php
CVE-2024-5556 SQL Injection
CVE-2024-9294 dingfanzu CMS saveNewPwd.php sql injection
