CVE-2019-15105 is a vulnerability in Zoho Corp Manageengine Applications Manager
Published on August 16, 2019

An issue was discovered in Zoho ManageEngine Application Manager through 14.2. There is a SQL Injection vulnerability in jsp/NewThresholdConfiguration.jsp via the resourceid parameter. Therefore, a low-authority user can gain the authority of SYSTEM on the server. One can consequently upload a malicious file using the "Execute Program Action(s)" feature.

NVD

Products Associated with CVE-2019-15105

Want to know whenever a new CVE is published for Zoho Corp Manageengine Applications Manager? stack.watch will email you.

Zoho Corp Manageengine Applications Manager

Exploit Probability

EPSS

2.76%

Percentile

85.78%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-15105 is a vulnerability in Zoho Corp Manageengine Applications ManagerPublished on August 16, 2019

Products Associated with CVE-2019-15105

Exploit Probability

CVE-2019-15105 is a vulnerability in Zoho Corp Manageengine Applications Manager
Published on August 16, 2019