HIGHCVE-2026-5785Published Modified CNA Zohocorp
CVE-2026-5785: SQL Injection
Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQL injection in the query report module.
Metrics
- CVSS v3.1
- 8.1
- Severity
- HIGH
- Fixed in
- 8531
- Affected Products
- 2
Fix available
8531
Affected packages
- Zohocorp / ManageEngine PAM360< 8531 (from 0)
- Zohocorp / ManageEngine Password Manager Pro≤ 13230
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:NReferences