2 matches found
ManageEngine Applications Manager DowntimeSchedulerServlet 'TASKID' Blind SQLi
The remote host is running a version of ManageEngine Applications Manager that is affected by a blind SQL injection vulnerability due to improper validation of user-supplied input to the 'TASKID' parameter in the 'DowntimeSchedulerServlet' servlet. A remote attacker can exploit this flaw to execu...
ManageEngine Applications Manager DowntimeSchedulerServlet TASKID SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ManageEngine Applications Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DowntimeSchedulerServlet servlet. The issue lies in the failure ...