CVE-2020-35765

CVE-2020-35765

EPSS 28.2%

doFilter in com.adventnet.appmanager.filter.UriCollector in Zoho ManageEngine Applications Manager through 14930 allows an authenticated SQL Injection via the resourceid parameter to showresource.do.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.manageengine.com https://www.manageengine.com/products/applications_manager/issues.html#v15000 https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2020-35765.html https://www.tenable.com/security/research/tra-2021-02