Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:34 a.m.10 views

CVE-2015-7766

PGSQL:SubmitQuery.do in ZOHO ManageEngine OpManager 11.6, 11.5, and earlier allows remote administrators to bypass SQL query restrictions via a comment in the query to api/json/admin/SubmitQuery, as demonstrated by "INSERT//INTO."...

9CVSS7.5AI score0.80644EPSS
Exploits3References1
Check Point Advisories
Check Point Advisories
added 2015/11/24 12:0 a.m.17 views

ManageEngine OpManager SubmitQuery IntegrationUser SQL Code Execution (CVE-2015-7765; CVE-2015-7766)

An SQL code execution vulnerability exists in ManageEngine OpManager. By sending crafted requests to an affected server, a remote attacker can exploit this vulnerability to execute arbitrary SQL commands with Administrator privileges which can further lead to arbitrary code execution in the...

9CVSS4.6AI score0.80644EPSS
Exploits4
NVD
NVD
added 2015/10/09 2:59 p.m.20 views

CVE-2015-7766

PGSQL:SubmitQuery.do in ZOHO ManageEngine OpManager 11.6, 11.5, and earlier allows remote administrators to bypass SQL query restrictions via a comment in the query to api/json/admin/SubmitQuery, as demonstrated by "INSERT//INTO."...

9CVSS7.1AI score0.80644EPSS
Exploits3References5
Circl
Circl
added 2015/09/17 12:0 a.m.29 views

CVE-2015-7766

creationtimestamp| type| source ---|---|--- 2015-09-17 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38221 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/manageengineopmanagerrce.rb 2025-02-06...

9CVSS5.6AI score0.80644EPSS
Exploits3References2
Rows per page
Query Builder