Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A SQL Injection vulnerability exists in the Zoho ManageEngine Applications Manager 13 before build 13820 via the resids parameter in a /editDisplaynames.do?method=editDisplaynames GET request.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ZOHO ManageEngine Applications Manager SQL注入漏洞
Vulnerability Description
ZOHO ManageEngine Applications Manager是美国卓豪(ZOHO)公司的一套IT运维管理解决方案。该产品具有应用性能管理、故障管理、报表生成和SLA管理等功能。 ZOHO ManageEngine Applications Manager 13.13820之前版本中存在SQL注入漏洞。远程攻击者可借助/editDisplaynames.do?method=editDisplaynames GET请求中的‘resids’参数利用该漏洞获取管理员账号和密码。
CVSS Information
N/A
Vulnerability Type
N/A