CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-5459

SQL injection vulnerability in the AdvanceSearch.class in AdventNetPassTrix.jar in ManageEngine Password Manager Pro (PMP) before 8.1 Build 8101 allows remote authenticated users to execute arbitrary SQL commands via the ANDOR parameter, as demonstrated by a request to STATE_ID/1425543888647/SQLAdvancedALSearchResult.cc.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.5%

CVSS Severity

CVSS v2 Score 6.5

References

Products affected by CVE-2015-5459

Zohocorp » Manageengine Password Manager Pro » Version: 4.6

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:4.6
Zohocorp » Manageengine Password Manager Pro » Version: 4.7

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:4.7
Zohocorp » Manageengine Password Manager Pro » Version: 4.8

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:4.8
Zohocorp » Manageengine Password Manager Pro » Version: 5.0

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:5.0
Zohocorp » Manageengine Password Manager Pro » Version: 5.1

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:5.1
Zohocorp » Manageengine Password Manager Pro » Version: 5.2

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:5.2
Zohocorp » Manageengine Password Manager Pro » Version: 5.3

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:5.3
Zohocorp » Manageengine Password Manager Pro » Version: 5.4

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:5.4
Zohocorp » Manageengine Password Manager Pro » Version: 6.0

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:6.0
Zohocorp » Manageengine Password Manager Pro » Version: 6.1

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:6.1
Zohocorp » Manageengine Password Manager Pro » Version: 6.2

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:6.2
Zohocorp » Manageengine Password Manager Pro » Version: 6.3

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:6.3
Zohocorp » Manageengine Password Manager Pro » Version: 6.4

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:6.4
Zohocorp » Manageengine Password Manager Pro » Version: 6.5

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:6.5
Zohocorp » Manageengine Password Manager Pro » Version: 6.6

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:6.6
Zohocorp » Manageengine Password Manager Pro » Version: 6.7

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:6.7
Zohocorp » Manageengine Password Manager Pro » Version: 6.8

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:6.8
Zohocorp » Manageengine Password Manager Pro » Version: 6.9

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:6.9
Zohocorp » Manageengine Password Manager Pro » Version: 7.0

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:7.0
Zohocorp » Manageengine Password Manager Pro » Version: 7.1

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:7.1
Zohocorp » Manageengine Password Manager Pro » Version: 7.5

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:7.5
Zohocorp » Manageengine Password Manager Pro » Version: 7.6

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:7.6
Zohocorp » Manageengine Password Manager Pro » Version: 8.0

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:8.0
Zohocorp » Manageengine Password Manager Pro » Version: 8.1

cpe:2.3:a:zohocorp:manageengine_password_manager_pro:8.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-5459

Products

Pricing

Contact Us