Page 7 of 61 results (0.002 seconds)
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 5
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 5CVE-2015-1479 – ManageEngine ServiceDesk Plus 9.0 - SQL Injection
https://notcve.org/view.php?id=CVE-2015-1479
04 Feb 2015 — SQL injection vulnerability in reports/CreateReportTable.jsp in ZOHO ManageEngine ServiceDesk Plus (SDP) before 9.0 build 9031 allows remote authenticated users to execute arbitrary SQL commands via the site parameter. Vulnerabilidad de inyección SQL en reports/CreateReportTable.jsp en ZOHO ManageEngine ServiceDesk Plus (SDP) anterior a 9.0 build 9031 permite a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a través del parámetro site. • https://www.exploit-db.com/exploits/35890 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •