Minh Vo Van

**Name of the Vulnerable Software and Affected Versions** Zohocorp ManageEngine ADAudit Plus versions below 8003 **Description** The issue concerns an authenticated SQL Injection vulnerability in the aggregate reports' search option. This allows attackers to inject malicious SQL code, potentially leading to unauthorized access or data manipulation. **Recommendations** For Zohocorp ManageEngine ADAudit Plus versions below 8003, update to a version 8003 or later to resolve the issue. As a temporary workaround, consider restricting access to the aggregate reports' search option until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Zohocorp ManageEngine ADAudit Plus versions below 8003 **Description** The issue is related to an authenticated SQL Injection vulnerability in user session recording. **Recommendations** For Zohocorp ManageEngine ADAudit Plus versions below 8003, update to a version 8003 or later to resolve the issue.