CVE-2015-1479

2015-02-04T16:59:00
ID CVE-2015-1479
Type cve
Reporter cve@mitre.org
Modified 2015-02-06T20:40:00

Description

SQL injection vulnerability in reports/CreateReportTable.jsp in ZOHO ManageEngine ServiceDesk Plus (SDP) before 9.0 build 9031 allows remote authenticated users to execute arbitrary SQL commands via the site parameter.