Security Advisory

CVE-2019-11469

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-04-23 03:12:55

Last updated 2024-08-04 22:55:40

Assigner mitre

State PUBLISHED

Description

Zoho ManageEngine Applications Manager 12 through 14 allows FaultTemplateOptions.jsp resourceid SQL injection. Subsequently, an unauthenticated user can gain the authority of SYSTEM on the server by uploading a malicious file via the "Execute Program Action(s)" feature.

← Browse all CVEs View on cve.org ↗