mirror of
https://github.com/0xMarcio/cve.git
synced 2025-12-30 04:49:42 +00:00
715 B
715 B
CVE-2017-16543
Description
Zoho ManageEngine Applications Manager 13 before build 13500 allows SQL injection via GraphicalView.do, as demonstrated by a crafted viewProps yCanvas field or viewid parameter.
POC
Reference
- http://code610.blogspot.com/2017/11/sql-injection-in-manageengine.html
- https://www.exploit-db.com/exploits/43129/
Github
No PoCs found on GitHub currently.