Zoho ManageEngine Access Manager Plus before 4309, Password Manager Pro before 12210, and PAM360 before 5801 are vulnerable to SQL Injection.
2023-01-05T08:15:08.877
2025-04-09T21:15:43.870
Modified
CVSSv3.1: 9.8 (CRITICAL)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | zohocorp | manageengine_password_manager_pro | < 12.2 | Yes |
| Application | zohocorp | manageengine_password_manager_pro | 12.2 | Yes |
| Application | zohocorp | manageengine_pam360 | < 5.8 | Yes |
| Application | zohocorp | manageengine_pam360 | 5.8 | Yes |
| Application | zohocorp | manageengine_access_manager_plus | < 4.3 | Yes |
| Application | zohocorp | manageengine_access_manager_plus | 4.3 | Yes |
| Application | zohocorp | manageengine_access_manager_plus | 4.3 | Yes |
| Application | zohocorp | manageengine_access_manager_plus | 4.3 | Yes |
| Application | zohocorp | manageengine_access_manager_plus | 4.3 | Yes |
| Application | zohocorp | manageengine_access_manager_plus | 4.3 | Yes |
| Application | zohocorp | manageengine_access_manager_plus | 4.3 | Yes |
| Application | zohocorp | manageengine_access_manager_plus | 4.3 | Yes |
| Application | zohocorp | manageengine_access_manager_plus | 4.3 | Yes |
| Application | zohocorp | manageengine_access_manager_plus | 4.3 | Yes |