CVE-2019-11448 is a vulnerability in Zoho Corp Manageengine Applications Manager
Published on April 22, 2019

An issue was discovered in Zoho ManageEngine Applications Manager 11.0 through 14.0. An unauthenticated user can gain the authority of SYSTEM on the server due to a Popup_SLA.jsp sid SQL injection vulnerability. For example, the attacker can subsequently write arbitrary text to a .vbs file.

NVD

Products Associated with CVE-2019-11448

Want to know whenever a new CVE is published for Zoho Corp Manageengine Applications Manager? stack.watch will email you.

Zoho Corp Manageengine Applications Manager

Exploit Probability

EPSS

17.39%

Percentile

94.94%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-11448 is a vulnerability in Zoho Corp Manageengine Applications ManagerPublished on April 22, 2019

Products Associated with CVE-2019-11448

Exploit Probability

CVE-2019-11448 is a vulnerability in Zoho Corp Manageengine Applications Manager
Published on April 22, 2019