CVE-2019-15104
CVE-2019-15104 affects Zoho ManageEngine OpManager up to 12.x (notably 12.4x) and involves a SQL Injection in jsp/NewThresholdConfiguration.jsp via the resourceid parameter. A low-privilege user can escalate to SYSTEM on the server and, using the Execute Program Action(s) feature, upload a malici...