|
Description
|
|
Two vulnerabilities have been discovered in ManageEngine Security Manager Plus, which can be exploited by malicious people to disclose potentially sensitive system information and conduct SQL injection attacks.
1) Input passed via the "f" parameter to /store is not properly verified before being used to display files. This can be exploited to disclose the contents of certain files via directory traversal sequences.
2) Input passed via the "value_1" POST parameter to STATE_ID/31337/jsp/xmlhttp/persistence.jsp (when "reqType" is set to "AdvanceSearch") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
The vulnerabilities are confirmed in version 5.5 build 5505. Other versions may also be affected.
|
