CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-11448

An issue was discovered in Zoho ManageEngine Applications Manager 11.0 through 14.0. An unauthenticated user can gain the authority of SYSTEM on the server due to a Popup_SLA.jsp sid SQL injection vulnerability. For example, the attacker can subsequently write arbitrary text to a .vbs file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.267

EPSS Ranking 96.1%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

Products affected by CVE-2019-11448

Zohocorp » Manageengine Applications Manager » Version: 11.0

cpe:2.3:a:zohocorp:manageengine_applications_manager:11.0
Zohocorp » Manageengine Applications Manager » Version: 11.1

cpe:2.3:a:zohocorp:manageengine_applications_manager:11.1
Zohocorp » Manageengine Applications Manager » Version: 11.2

cpe:2.3:a:zohocorp:manageengine_applications_manager:11.2
Zohocorp » Manageengine Applications Manager » Version: 11.3

cpe:2.3:a:zohocorp:manageengine_applications_manager:11.3
Zohocorp » Manageengine Applications Manager » Version: 11.4

cpe:2.3:a:zohocorp:manageengine_applications_manager:11.4
Zohocorp » Manageengine Applications Manager » Version: 11.5

cpe:2.3:a:zohocorp:manageengine_applications_manager:11.5
Zohocorp » Manageengine Applications Manager » Version: 11.6

cpe:2.3:a:zohocorp:manageengine_applications_manager:11.6
Zohocorp » Manageengine Applications Manager » Version: 11.7

cpe:2.3:a:zohocorp:manageengine_applications_manager:11.7
Zohocorp » Manageengine Applications Manager » Version: 11.8

cpe:2.3:a:zohocorp:manageengine_applications_manager:11.8
Zohocorp » Manageengine Applications Manager » Version: 11.9

cpe:2.3:a:zohocorp:manageengine_applications_manager:11.9
Zohocorp » Manageengine Applications Manager » Version: 12.0

cpe:2.3:a:zohocorp:manageengine_applications_manager:12.0
Zohocorp » Manageengine Applications Manager » Version: 12.1

cpe:2.3:a:zohocorp:manageengine_applications_manager:12.1
Zohocorp » Manageengine Applications Manager » Version: 12.2

cpe:2.3:a:zohocorp:manageengine_applications_manager:12.2
Zohocorp » Manageengine Applications Manager » Version: 12.3

cpe:2.3:a:zohocorp:manageengine_applications_manager:12.3
Zohocorp » Manageengine Applications Manager » Version: 12.4

cpe:2.3:a:zohocorp:manageengine_applications_manager:12.4
Zohocorp » Manageengine Applications Manager » Version: 12.5

cpe:2.3:a:zohocorp:manageengine_applications_manager:12.5
Zohocorp » Manageengine Applications Manager » Version: 12.6

cpe:2.3:a:zohocorp:manageengine_applications_manager:12.6
Zohocorp » Manageengine Applications Manager » Version: 12.7

cpe:2.3:a:zohocorp:manageengine_applications_manager:12.7
Zohocorp » Manageengine Applications Manager » Version: 12.8

cpe:2.3:a:zohocorp:manageengine_applications_manager:12.8
Zohocorp » Manageengine Applications Manager » Version: 12.9

cpe:2.3:a:zohocorp:manageengine_applications_manager:12.9
Zohocorp » Manageengine Applications Manager » Version: 13

cpe:2.3:a:zohocorp:manageengine_applications_manager:13
Zohocorp » Manageengine Applications Manager » Version: 13.0

cpe:2.3:a:zohocorp:manageengine_applications_manager:13.0
Zohocorp » Manageengine Applications Manager » Version: 13.1

cpe:2.3:a:zohocorp:manageengine_applications_manager:13.1
Zohocorp » Manageengine Applications Manager » Version: 13.13820

cpe:2.3:a:zohocorp:manageengine_applications_manager:13.13820
Zohocorp » Manageengine Applications Manager » Version: 13.2

cpe:2.3:a:zohocorp:manageengine_applications_manager:13.2
Zohocorp » Manageengine Applications Manager » Version: 13.3

cpe:2.3:a:zohocorp:manageengine_applications_manager:13.3
Zohocorp » Manageengine Applications Manager » Version: 13.4

cpe:2.3:a:zohocorp:manageengine_applications_manager:13.4
Zohocorp » Manageengine Applications Manager » Version: 13.5

cpe:2.3:a:zohocorp:manageengine_applications_manager:13.5
Zohocorp » Manageengine Applications Manager » Version: 13.6

cpe:2.3:a:zohocorp:manageengine_applications_manager:13.6
Zohocorp » Manageengine Applications Manager » Version: 13.7

cpe:2.3:a:zohocorp:manageengine_applications_manager:13.7
Zohocorp » Manageengine Applications Manager » Version: 13.8

cpe:2.3:a:zohocorp:manageengine_applications_manager:13.8
Zohocorp » Manageengine Applications Manager » Version: 13.9

cpe:2.3:a:zohocorp:manageengine_applications_manager:13.9
Zohocorp » Manageengine Applications Manager » Version: 14.0

cpe:2.3:a:zohocorp:manageengine_applications_manager:14.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-11448

Products

Pricing

Contact Us