Page 7 of 41 results (0.004 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /MyPage.do widgetid parameter. Zoho ManageEngine Applications Manager 13 antes de la build 13530 permite una inyección SQL mediante el parámetro widgetid en /MyPage.do. • http://code610.blogspot.com/2017/11/more-sql-injections-in-manageengine.html https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2017-16851.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /showresource.do resourceid parameter in a showPlasmaView action. Zoho ManageEngine Applications Manager 13 antes de la build 13530 permite una inyección SQL mediante el parámetro resourceid en /showresource.do en una acción showPlasmaView. • http://code610.blogspot.com/2017/11/more-sql-injections-in-manageengine.html https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2017-16847.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /manageApplications.do?method=AddSubGroup haid parameter. Zoho ManageEngine Applications Manager 13 antes de la build 13530 permite una inyección SQL mediante el parámetro haid en /manageApplications.do?method=AddSubGroup. • http://code610.blogspot.com/2017/11/more-sql-injections-in-manageengine.html https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2017-16846.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

Zoho ManageEngine Applications Manager 13 allows SQL injection via the /manageConfMons.do groupname parameter. Zoho ManageEngine Applications Manager 13 permite inyección SQL mediante el parámetro groupname en /manageConfMons.do. • http://code610.blogspot.com/2017/11/more-sql-injections-in-manageengine.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /showresource.do resourceid parameter in a getResourceProfiles action. Zoho ManageEngine Applications Manager 13 antes de la build 13530 permite una inyección SQL mediante el parámetro resourceid en /showresource.do en una acción getResourceProfiles. • http://code610.blogspot.com/2017/11/more-sql-injections-in-manageengine.html https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2017-16850.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •