2 matches found
ManageEngine Multiple Products It360SPUtil resIds SQL Injection
An SQL injection vulnerability has been reported in ManageEngine Applications Manager and ManageEngine IT360 MSP Edition. This vulnerability is due to the insufficient validation of user-supplied input when processing requests sent to the It360SPUtil class. A remote, unauthenticated attacker can...
ManageEngine Applications Manager It360SPUtil resIds SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ManageEngine Applications Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the It360SPUtil class. The issue lies in the failure to sanitize...