cve/2024/CVE-2024-5678.md

### [CVE-2024-5678](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5678)
![](https://img.shields.io/static/v1?label=Product&message=Applications%20Manager&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0%3C%20170900%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen)

### Description

Zohocorp ManageEngine Applications Manager versions 170900 and below are vulnerable to the authenticated admin-only SQL Injection in the Create Monitor feature.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/0x41424142/qualyspy
- https://github.com/BuildAndDestroy/ai-cve-mcp-server
- https://github.com/BuildAndDestroy/ai-cve-vector-data
- https://github.com/Cyber-Agents-Fleet/CVE-MCP-Server
- https://github.com/Dashrath158/CVE-Management-App-using-Flask
- https://github.com/Jhoel777ar/El-libro-absurdamente-completo-del-Hacker-Etico
- https://github.com/Kushalsharma0702/ThreatEye
- https://github.com/Sanjayharitas/Assignment
- https://github.com/TFury30/CheckCVE
- https://github.com/amitbisoyi/W.V.S
- https://github.com/arielkl9/AI-Threat-Intel
- https://github.com/baybarse/kubernetes-analysis-troubleshhoting-tool
- https://github.com/bergel07/FinalProject
- https://github.com/kayoMichael/CVE
- https://github.com/luci04-bot/RFSA-Tool
- https://github.com/mauvehed/kevvy
- https://github.com/mxgms/debian-audit
- https://github.com/pranavipranz/cve-analyst-langgraph
- https://github.com/projectdiscovery/cvemap