CVE-2019-15105
Technical details are not publicly provided in the connected documents. The initial description notes a SQL injection in ManageEngine Application Manager (jsp/NewThresholdConfiguration.jsp via resourceid) enabling SYSTEM-level access and a file upload path. Monitor for updates.