mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 19:17:37 +02:00
0xMarcio
824 B
824 B
CVE-2017-11559
Description
An issue was discovered in ZOHO ManageEngine OpManager 12.2. The 'apiKey' parameter of "/api/json/admin/getmailserversettings" and "/api/json/dashboard/gotoverviewlist" is vulnerable to a Blind SQL Injection attack.
POC
Reference
- https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=18736
- https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=18736
Github
No PoCs found on GitHub currently.