You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is a time-based blind SQL Injection vulnerability .So I use sqlmap to exploit it .The following is a proof screenshot.
Databases:
User:
Table:
data:
The text was updated successfully, but these errors were encountered:
We apologise for the inconvenience this may have caused to our customers.
These issues were fixed in July itself, with the release of version 13800. Please upgrade to the latest version from here: http://bit.ly/APMDownload
Zoho manageengine Applications Manager SQL Injection vulnerability
Date: 2018/07/02
Software Link: https://www.manageengine.com/products/applications_manager/download.html
Category: Web Application
Exploit Author: jacky xing From DBAppSecurity
Exploit Author's Email: jacky.xing@dbappsecurity.com.cn
CVE: CVE-2018-13050
Proof of Concept:
This is a time-based blind SQL Injection vulnerability .So I use sqlmap to exploit it .The following is a proof screenshot.
Databases:
User:
Table:
data:
The text was updated successfully, but these errors were encountered: