4 matches found
Zoho ManageEngine OpManager SQL Injection (CVE-2018-20338)
A SQL injection vulnerability exists in ManageEngine OpManager. This vulnerability is due to insufficient validation of the parameters in the HTTP requests. Successful exploitation could lead to arbitrary SQL code execution...
CVE-2018-20338
Zoho ManageEngine OpManager 12.3 before build 123239 allows SQL injection in the Alarms section...
CVE-2018-20338
CVE-2018-20338 affects Zoho ManageEngine OpManager 12.3 before build 123239, with a SQL injection in the Alarms section. Root cause indicated as insufficient validation of parameters in HTTP requests, enabling a remote attacker to execute arbitrary SQL and potentially access or alter database inf...
Zoho ManageEngine OpManager 12.3 Alarms SQL Injection
I. VULNERABILITY ------------------------- Zoho ManageEngine OpManager 12.3 before build 123239 allows SQL injection in the Alarms section II. CVE REFERENCE ------------------------- CVE-2018-20338 III. VENDOR ------------------------- https://www.manageengine.com IV. TIMELINE...