SQL Injection Vulnerabilities in ManageEngine Applications Manager by Zoho Corporation
CVE-2012-1063

Currently unrated

Key Information:

Vendor

Manageengine
Status
Applications Manager
Vendor
CVE Published:
14 February 2012

What is CVE-2012-1063?

Multiple SQL injection vulnerabilities exist in ManageEngine Applications Manager versions 9.x and 10.x, enabling remote attackers to manipulate database commands. These vulnerabilities stem from insufficient validation of user inputs, specifically the viewId parameter in fault/AlarmView.do and the period parameter in showHistoryData.do. Exploiting these weaknesses could give unauthorized users the ability to execute arbitrary SQL commands, potentially compromising the integrity and confidentiality of the database.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.vulnerability-lab.com/get_content.php?id=115
x_refsource_MISC
http://packetstormsecurity.org/files/view/109238/VL-115.txt
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/72831
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.