cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-5546,https://securityvulnerability.io/vulnerability/CVE-2024-5546,Zohocorp Password Manager Pro vulnerable to SQL Injection via Global Search Option,"An authenticated SQL injection vulnerability has been identified in ManageEngine Password Manager Pro and PAM360, affecting versions prior to 12431 and 7001, respectively. This vulnerability allows attackers to exploit the global search functionality, potentially accessing and manipulating sensitive data hosted in the affected systems. Timely updates and patches are critical to mitigate the risks associated with this vulnerability.",Manageengine,"Password Manager Pro,Pam360",8.8,HIGH,0.003860000055283308,false,false,false,false,,false,false,2024-08-28T08:44:09.433Z,0
CVE-2024-27313,https://securityvulnerability.io/vulnerability/CVE-2024-27313,Zoho ManageEngine PAM360 Vulnerable to Stored XSS,Zoho ManageEngine PAM360 is vulnerable to Stored XSS vulnerability. This vulnerability is applicable only in the version 6610.,Manageengine,Pam360,4.6,MEDIUM,0.00546000013127923,false,false,false,false,,false,false,2024-05-29T11:01:21.278Z,0
CVE-2024-27312,https://securityvulnerability.io/vulnerability/CVE-2024-27312,Low-Privileged User Can Perform Admin Actions on Zoho ManageEngine PAM360 Version 6601,"An authorization vulnerability exists in ManageEngine PAM360 version 6601, enabling low-privileged users to execute administrative functions. This represents a substantial security risk, as users without proper privileges could potentially gain unauthorized access to critical administrative capabilities, undermining system integrity and security. The flaw is exclusive to PAM360 version 6601, with no other versions impacted, necessitating prompt attention from users to mitigate potential risks.",Manageengine,Pam360,8.1,HIGH,0.001990000018849969,false,false,false,false,,false,false,2024-05-20T13:15:00.000Z,0