CVE-2017-11738

In Zoho ManageEngine Application Manager 13.1 Build 13100, the ‘haid’ parameter of the ‘/auditLogAction.do’ module is vulnerable to a Time-based Blind SQL Injection attack.
Source: NIST
CVE-2017-11738