CVE-2020-35765

doFilter in com.adventnet.appmanager.filter.UriCollector in Zoho ManageEngine Applications Manager through 14930 allows an authenticated SQL Injection via the resourceid parameter to showresource.do.
Configurations

Configuration 1

cpe:2.3:a:zohocorp:manageengine_applications_manager:14.9:build14900:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.9:build14910:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.9:build14911:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.9:build14930:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:14.9:-:*:*:*:*:*:*
cpe:2.3:a:zohocorp:manageengine_applications_manager:*:*:*:*:*:*:*:*

Information

Published : 2021-02-05 02:15

Updated : 2021-02-17 09:05


NVD link : CVE-2020-35765

Mitre link : CVE-2020-35765

CWE