Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zohocorp manageengine supportcenter plus vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2022-40770
Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to authenticated command injection. This can be exploited by high-privileged users.
Zohocorp Manageengine Servicedesk Plus 13.0
Zohocorp Manageengine Servicedesk Plus
Zohocorp Manageengine Servicedesk Plus Msp 10.6
Zohocorp Manageengine Servicedesk Plus Msp
Zohocorp Manageengine Supportcenter Plus 11.0
Zohocorp Manageengine Supportcenter Plus
6.5
CVSSv3
CVE-2023-26600
ManageEngine ServiceDesk Plus through 14104, ServiceDesk Plus MSP through 14000, Support Center Plus through 14000, and Asset Explorer through 6987 allow privilege escalation via query reports.
Zohocorp Manageengine Supportcenter Plus 11.0
Zohocorp Manageengine Supportcenter Plus
Zohocorp Manageengine Assetexplorer 6.9
Zohocorp Manageengine Assetexplorer
Zohocorp Manageengine Servicedesk Plus Msp
Zohocorp Manageengine Servicedesk Plus Msp 13.0
Zohocorp Manageengine Servicedesk Plus 14.1
Zohocorp Manageengine Servicedesk Plus
6.5
CVSSv3
CVE-2022-40772
Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to a validation bypass that allows users to access sensitive data via the report module.
Zohocorp Manageengine Servicedesk Plus
Zohocorp Manageengine Servicedesk Plus 14.0
Zohocorp Manageengine Servicedesk Plus Msp 10.6
Zohocorp Manageengine Servicedesk Plus Msp
Zohocorp Manageengine Supportcenter Plus 11.0
Zohocorp Manageengine Supportcenter Plus
Zohocorp Manageengine Assetexplorer 6.9
Zohocorp Manageengine Assetexplorer
6.1
CVSSv3
CVE-2021-43294
Zoho ManageEngine SupportCenter Plus prior to 11016 is vulnerable to Reflected XSS in the Products module.
Zohocorp Manageengine Supportcenter Plus 11.0
6.1
CVSSv3
CVE-2021-43295
Zoho ManageEngine SupportCenter Plus prior to 11016 is vulnerable to Reflected XSS in the Accounts module.
Zohocorp Manageengine Supportcenter Plus 11.0
6.1
CVSSv3
CVE-2018-16965
In Zoho ManageEngine SupportCenter Plus prior to 8.1 Build 8109, there is HTML Injection and Stored XSS via the /ServiceContractDef.do contractName parameter.
Zohocorp Manageengine Supportcenter Plus
5.5
CVSSv3
CVE-2023-6105
An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt prod...
Zohocorp Manageengine Mobile Device Manager Plus 10.1.2207.4
Zohocorp Manageengine Appcreator
Zohocorp Manageengine Analytics Plus
Zohocorp Manageengine Endpoint Central Msp
Zohocorp Manageengine Endpoint Central
Zohocorp Manageengine Remote Monitoring And Management
Zohocorp Manageengine Os Deployer
Zohocorp Manageengine Remote Access Plus
Zohocorp Manageengine Mobile Device Manager Plus
Zohocorp Manageengine Application Control Plus
Zohocorp Manageengine Vulnerability Manager Plus
Zohocorp Manageengine Browser Security Plus
Zohocorp Manageengine Patch Manager Plus
Zohocorp Manageengine Device Control Plus
Zohocorp Manageengine Endpoint Dlp Plus
Zohocorp Manageengine Adselfservice Plus 6.3
Zohocorp Manageengine Adselfservice Plus
Zohocorp Manageengine Admanager Plus
Zohocorp Manageengine Admanager Plus 7.2
Zohocorp Manageengine Adaudit Plus 7.2
Zohocorp Manageengine Adaudit Plus
Zohocorp Manageengine Cloud Security Plus 4.1
5.4
CVSSv3
CVE-2023-38331
Zoho ManageEngine Support Center Plus 14001 and below is vulnerable to stored XSS in the products module.
Zohocorp Manageengine Supportcenter Plus 11.0
Zohocorp Manageengine Supportcenter Plus 14.0
Zohocorp Manageengine Supportcenter Plus 8.0
Zohocorp Manageengine Supportcenter Plus 8.1
5.4
CVSSv3
CVE-2023-34197
Zoho ManageEngine ServiceDesk Plus prior to 14202, ServiceDesk Plus MSP prior to 14300, and SupportCenter Plus prior to 14300 have a privilege escalation vulnerability in the Release module that allows unprivileged users to access the Reminders of a release ticket and make modifi...
Zohocorp Manageengine Servicedesk Plus
Zohocorp Manageengine Servicedesk Plus 14.2
Zohocorp Manageengine Servicedesk Plus Msp
Zohocorp Manageengine Servicedesk Plus Msp 14.2
Zohocorp Manageengine Supportcenter Plus
Zohocorp Manageengine Supportcenter Plus 14.2
5.4
CVSSv3
CVE-2022-25373
Zoho ManageEngine SupportCenter Plus prior to 11020 allows Stored XSS in the request history.
Zohocorp Manageengine Supportcenter Plus 11.0
Zohocorp Manageengine Supportcenter Plus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »