CVE-2026-25612 Internal ResourceId collision may affect unrelated collections

The internal locking mechanism of the MongoDB server uses an internal encoding of the resources in order to choose what lock to take. Collections may inadvertently collide with one another in this representation causing unavailability between them due to conflicting locks...

EUVD-2025-203501

A flaw was found in Keycloak. An IDOR Broken Access Control vulnerability exists in the admin API endpoints for authorization resource management, specifically in ResourceSetService and PermissionTicketService. The system checks authorization against the resourceServer client ID provided in the A...

EUVD-2020-23421

Malware in sbrugna...

CVE-2020-24743

An issue was found in /showReports.do Zoho ManageEngine Applications Manager up to 14550, allows attackers to gain escalated privileges via the resourceid parameter...

Zoho ManageEngine Applications Manager elevation of privilege vulnerability (CNVD-2021-88236)

Zoho ManageEngine Applications Manager is an application performance monitoring and management solution for various business monitoring and management needs of enterprises. An elevation of privilege vulnerability exists in /showReports.do in Zoho ManageEngine Applications Manager 14550 and earlie...

CVE-2020-24743

An issue was found in /showReports.do Zoho ManageEngine Applications Manager up to 14550, allows attackers to gain escalated privileges via the resourceid parameter...

CVE-2020-24743

An issue was found in /showReports.do Zoho ManageEngine Applications Manager up to 14550, allows attackers to gain escalated privileges via the resourceid parameter...

Design/Logic Flaw

An issue was found in /showReports.do Zoho ManageEngine Applications Manager up to 14550, allows attackers to gain escalated privileges via the resourceid parameter...

CVE-2020-24743

An issue was found in /showReports.do Zoho ManageEngine Applications Manager up to 14550, allows attackers to gain escalated privileges via the resourceid parameter...

ZOHO ManageEngine Applications Manager 授权问题漏洞

Zoho ManageEngine Applications Manager is an application performance monitoring and management solution for various business monitoring and management needs of enterprises. An elevation of privilege vulnerability exists in /showReports.do in Zoho ManageEngine Applications Manager 14550 and earlie...

ZOHO ManageEngine Applications Manager SQL Injection Vulnerability (CNVD-2022-09274)

ZOHO ManageEngine Applications Manager is an IT operations management solution from ZOHO, Inc. Zoho ManageEngine Applications Manager through 14930 is vulnerable to SQL injection, which can be exploited to perform an authenticated SQL injection into showresource.do via the resourceid parameter...

CVE-2020-35765

doFilter in com.adventnet.appmanager.filter.UriCollector in Zoho ManageEngine Applications Manager through 14930 allows an authenticated SQL Injection via the resourceid parameter to showresource.do...

CVE-2020-35765

doFilter in com.adventnet.appmanager.filter.UriCollector in Zoho ManageEngine Applications Manager through 14930 allows an authenticated SQL Injection via the resourceid parameter to showresource.do...

Sql injection

doFilter in com.adventnet.appmanager.filter.UriCollector in Zoho ManageEngine Applications Manager through 14930 allows an authenticated SQL Injection via the resourceid parameter to showresource.do...

ZOHO ManageEngine Applications Manager SQL注入漏洞

ZOHO ManageEngine Applications Manager is an IT operations management solution from ZOHO, Inc. Zoho ManageEngine Applications Manager through 14930 is vulnerable to SQL injection, which can be exploited to perform an authenticated SQL injection into showresource.do via the resourceid parameter...

CVE-2019-15105

An issue was discovered in Zoho ManageEngine Application Manager through 14.2. There is a SQL Injection vulnerability in jsp/NewThresholdConfiguration.jsp via the resourceid parameter. Therefore, a low-authority user can gain the authority of SYSTEM on the server. One can consequently upload a...

CVE-2019-11469

Zoho ManageEngine Applications Manager 12 through 14 allows FaultTemplateOptions.jsp resourceid SQL injection. Subsequently, an unauthenticated user can gain the authority of SYSTEM on the server by uploading a malicious file via the "Execute Program Actions" feature...

CVE-2017-16850

Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /showresource.do resourceid parameter in a getResourceProfiles action...

ME Application Manager 10 Cross Site Scripting / SQL Injection

Exploit for php platform in category web applications ME Application Manager 10 - Multiple Web Vulnerabilities Introduction: ============= ManageEngine Applications Manager is a server and application performance monitoring software that helps businesses ensure high availability and performance f...