Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /MyPage.do?method=viewDashBoard forpage parameter.
References
Configurations
History
No history.
Information
Published : 2017-11-16 17:29
Updated : 2024-02-04 19:29
NVD link : CVE-2017-16849
Mitre link : CVE-2017-16849
CVE.ORG link : CVE-2017-16849
JSON object : View
Products Affected
zohocorp
- manageengine_applications_manager
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')