E18-5n6j2
CVSS:
5.5 (AV:N/AC:L/Au:S/C:P/I:P/A:N)
False Positive:
t
Variants:
5
Year:
2018
Description
This strike exploits a blind SQL injection vulnerability in ManageEngines OpManager application. The vulnerability is present in the global search input field as a result of insufficient user input sanitization. Therefore, an attacker may be able to read arbitrary database records or even access system files, depending on the databases configuration.
CVE
References
MSB
BID
ExploitDB
Secunia
Security Tracker
Metasploit
ZDI
OSVDB
{}