Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /showresource.do resourceid parameter in a showPlasmaView action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zohocorp manageengine applications manager 13.0 |