4 matches found
CVE-2018-11808
Incorrect Access Control in CustomFieldsFeedServlet in Zoho ManageEngine Applications Manager Version 13 before build 13740 allows an attacker to delete any file and read certain files on the server in the context of the user which by default is "NT AUTHORITY / SYSTEM" by sending a specially...
CVE-2018-11808
Incorrect Access Control in CustomFieldsFeedServlet in Zoho ManageEngine Applications Manager Version 13 before build 13740 allows an attacker to delete any file and read certain files on the server in the context of the user which by default is "NT AUTHORITY / SYSTEM" by sending a specially...
CVE-2018-11808
Incorrect Access Control in CustomFieldsFeedServlet in Zoho ManageEngine Applications Manager Version 13 before build 13740 allows an attacker to delete any file and read certain files on the server in the context of the user which by default is "NT AUTHORITY / SYSTEM" by sending a specially...
CVE-2018-11808
CVE-2018-11808 affects Zoho ManageEngine Applications Manager 13 before build 13740, where the CustomFieldsFeedServlet has improper access control. An attacker can remotely craft a request to delete arbitrary files and read certain files on the server, running in the context of the default user N...