CVE-2019-19649
Zoho ManageEngine Applications Manager is affected by a remote unauthenticated SQL injection in the SyncEventServlet.doGet path, exploitable via the eventid parameter before version 13620. The vulnerability arises in the SyncEventServlet.java doGet function and can allow an attacker to view/modif...