Manageengine · Manageengine Oputils · CVE-2010-1044
**Name of the Vulnerable Software and Affected Versions**
ManageEngine OpUtils version 5.0
**Description**
A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the `isHttpPort` parameter in the "Login.do" endpoint.
**Recommendations**
For ManageEngine OpUtils version 5.0, avoid using the `isHttpPort` parameter in the Login.do endpoint until the issue is resolved. As a temporary workaround, consider restricting access to the Login.do endpoint to minimize the risk of exploitation.