CVE-2014-6038 | HackTesting

Zoho ManageEngine EventLog Analyzer versions 7 through 9.9 build 9002 have a database Information Disclosure Vulnerability. Fixed in EventLog Analyzer 10.0 Build 10000.

References

http://packetstormsecurity.com/files/128996/ManageEngine-EventLog-Analyzer-SQL-Credential-Disclosure.html

http://www.securityfocus.com/bid/70959

https://exchange.xforce.ibmcloud.com/vulnerabilities/98540

http://seclists.org/fulldisclosure/2014/Nov/12