* ManageEngine Mobile Application Manager v10
Multiple SQL Injection vulnerabilities are detected in Manage Engines Mobile Application Manager v10. The vulnerability allows an attacker (remote) or local low privileged user account to inject/execute own sql commands on the affected application dbms without user inter action. The vulnerabilities are located in the DetailsView.do or Search.do module(s) and the bound vulnerable parameters showMGDetails&groupId & viewName. Successful exploitation of the vulnerabilities result in dbms & application compromise via sql injection attack.