PT-2018-9886 · Zoho · Zoho Manageengine Adaudit Plus

Published

2018-05-29

·

Updated

2018-07-13

·

CVE-2018-10466

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ADAudit Plus versions prior to 5.0.0 build 5100
Description: The issue allows for blind SQL Injection.
Recommendations: For versions prior to 5.0.0 build 5100, update to version 5.0.0 build 5100 or later to resolve the issue.

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2018-10466

Affected Products

Zoho Manageengine Adaudit Plus