Zohocorp: >> Manageengine Applications Manager Security Vulnerabilities
Zoho ManageEngine Applications Manager 13 before build 13500 allows Post-authentication SQL injection via the name parameter in a manageApplications.do?method=insert request.
CVSS Score
8.8
EPSS Score
0.012
Published
2017-11-05
Zoho ManageEngine Applications Manager 13 before build 13500 allows SQL injection via GraphicalView.do, as demonstrated by a crafted viewProps yCanvas field or viewid parameter.
CVSS Score
9.8
EPSS Score
0.019
Published
2017-11-05
Page 6