Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8
CVE-2017-16847
- EPSS 12.31%
- Published 16.11.2017 17:29:00
- Last modified 20.04.2025 01:37:25
Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /showresource.do resourceid parameter in a showPlasmaView action.
9.8
CVE-2017-16846
- EPSS 12.31%
- Published 16.11.2017 17:29:00
- Last modified 20.04.2025 01:37:25
Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /manageApplications.do?method=AddSubGroup haid parameter.
8.8
CVE-2017-16542
- EPSS 1.22%
- Published 05.11.2017 17:29:00
- Last modified 20.04.2025 01:37:25
Zoho ManageEngine Applications Manager 13 before build 13500 allows Post-authentication SQL injection via the name parameter in a manageApplications.do?method=insert request.
9.8
CVE-2017-16543
- EPSS 1.93%
- Published 05.11.2017 17:29:00
- Last modified 20.04.2025 01:37:25
Zoho ManageEngine Applications Manager 13 before build 13500 allows SQL injection via GraphicalView.do, as demonstrated by a crafted viewProps yCanvas field or viewid parameter.