2 matches found
CVE-2019-11469
Zoho ManageEngine Applications Manager 12 through 14 allows FaultTemplateOptions.jsp resourceid SQL injection. Subsequently, an unauthenticated user can gain the authority of SYSTEM on the server by uploading a malicious file via the "Execute Program Actions" feature...
Zoho ManageEngine Applications Manager SQL Injection (CVE-2019-11469)
A SQL injection vulnerability exists in Zoho ManageEngine Applications Manager. The vulnerability is due to improper validation of user-supplied input in FaultTemplateOptions.jsp. Successful exploitation could result in arbitrary SQL code execution...