2 matches found
CVE-2017-11559
An issue was discovered in ZOHO ManageEngine OpManager 12.2. The 'apiKey' parameter of "/api/json/admin/getmailserversettings" and "/api/json/dashboard/gotoverviewlist" is vulnerable to a Blind SQL Injection attack...
CVE-2017-11559
ZOHO ManageEngine OpManager 12.2 is affected by a Blind SQL Injection in the apiKey parameter of /api/json/admin/getmailserversettings and /api/json/dashboard/gotoverviewlist. Root cause: lack of input validation/exploitation of SQL statements; impact reported as high confidentiality impact (C/H)...