CVE-2012-1063

Currently unrated

Key Information:

Vendor
Manageengine
Status
Applications Manager
Vendor
CVE Published:
14 February 2012

Summary

Multiple SQL injection vulnerabilities in ManageEngine Applications Manager 9.x and 10.x allow remote attackers to execute arbitrary SQL commands via the (1) viewId parameter to fault/AlarmView.do or (2) period parameter to showHistoryData.do.

References

http://www.vulnerability-lab.com/get_content.php?id=115
x_refsource_MISC
http://packetstormsecurity.org/files/view/109238/VL-115.txt
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/72831
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.