cpe:/a:zohocorp:manageengine_applications_manager:13.0 CVE-2017-16542 2017-11-05T12:29:00.297-05:00 2018-08-06T21:29:01.627-04:00 6.5 NETWORK LOW SINGLE_INSTANCE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov EXPLOIT-DB 43129 MISC http://code610.blogspot.com/2017/11/sql-injection-in-manageengine.html CONFIRM https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2017-16542.html Zoho ManageEngine Applications Manager 13 before build 13500 allows Post-authentication SQL injection via the name parameter in a manageApplications.do?method=insert request.