CVE-2019-19650

Zoho ManageEngine Applications Manager before 13640 allows a remote authenticated SQL injection via the Agent servlet agentid parameter to the Agent.java process function.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:zohocorp:manageengine_applications_manager:*:*:*:*:*:*:*:*

History

30 Jan 2023, 20:01

Type Values Removed Values Added
References (MISC) https://gitlab.com/eLeN3Re/CVE-2019-19650 - (MISC) https://gitlab.com/eLeN3Re/CVE-2019-19650 - Third Party Advisory

Information

Published : 2019-12-11 18:16

Updated : 2023-12-10 13:13


NVD link : CVE-2019-19650

Mitre link : CVE-2019-19650

CVE.ORG link : CVE-2019-19650


JSON object : View

Products Affected

zohocorp

  • manageengine_applications_manager
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')