Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
servicedesk plus vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-12540
An issue exists in Zoho ManageEngine ServiceDesk Plus 10.5. There is XSS via the WorkOrder.do search field.
Zohocorp Manageengine Servicedesk Plus 10.5
7.8
CVSSv3
CVE-2019-12133
Multiple Zoho ManageEngine products suffer from local privilege escalation due to improper permissions for the %SYSTEMDRIVE%\ManageEngine directory and its sub-folders. Moreover, the services associated with said products try to execute binaries such as sc.exe from the current di...
Zohocorp Manageengine Mobile Device Manager Plus 9.0.0
Zohocorp Manageengine Patch Connect Plus 9.0.0
Zohocorp Manageengine Vulnerability Manager Plus 9.0.0
Zohocorp Manageengine Patch Manager Plus 9.0.0
Zohocorp Manageengine Browser Security Plus -
Zohocorp Manageengine Eventlog Analyzer 12.0.2
Zohocorp Manageengine Supportcenter Plus 8.1
Zohocorp Manageengine Opmanager 12.3
Zohocorp Manageengine Oputils 11.0
Zohocorp Manageengine Desktop Central 10.0.380
Zohocorp Manageengine Firewall 12.0
Zohocorp Manageengine Key Manager Plus 5.6
Zohocorp Manageengine Password Manager Pro 9.9
Zohocorp Manageengine Analytics Plus 1.0
Zohocorp Manageengine Servicedesk Plus 10.0.0
Zohocorp Manageengine O365 Manager Plus 4.0
Zohocorp Manageengine Netflow Analyzer 11.0
Zohocorp Manageengine Network Configuration Manager 11.0
6.1
CVSSv3
CVE-2019-12538
An issue exists in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SiteLookup.do search field.
Zohocorp Manageengine Servicedesk Plus 9.3
1 EDB exploit
1 Github repository
6.1
CVSSv3
CVE-2019-12541
An issue exists in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SolutionSearch.do searchText parameter.
Zohocorp Manageengine Servicedesk Plus 9.3
1 EDB exploit
1 Github repository
6.1
CVSSv3
CVE-2019-12542
An issue exists in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SearchN.do userConfigID parameter.
Zohocorp Manageengine Servicedesk Plus 9.3
1 Github repository
6.1
CVSSv3
CVE-2019-12543
An issue exists in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the PurchaseRequest.do serviceRequestId parameter.
Zohocorp Manageengine Servicedesk Plus 9.3
1 EDB exploit
1 Github repository
6.5
CVSSv3
CVE-2019-12252
In Zoho ManageEngine ServiceDesk Plus up to and including 10.5, users with the lowest privileges (guest) can view an arbitrary post by appending its number to the SDNotify.do?notifyModule=Solution&mode=E-Mail¬ifyTo=SOLFORWARD&id= substring.
Zohocorp Manageengine Servicedesk Plus
1 EDB exploit
6.1
CVSSv3
CVE-2019-12189
An issue exists in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SearchN.do search field.
Zohocorp Manageengine Servicedesk Plus 9.3
1 EDB exploit
1 Github repository
8.8
CVSSv3
CVE-2019-10008
Zoho ManageEngine ServiceDesk 9.3 allows session hijacking and privilege escalation because an established guest session is automatically converted into an established administrator session when the guest user enters the administrator username, with an arbitrary incorrect passwor...
Zohocorp Servicedesk Plus 9.3
1 EDB exploit
1 Github repository
4.3
CVSSv3
CVE-2019-10273
Information leakage vulnerability in the /mc login page in ManageEngine ServiceDesk Plus 9.3 software allows authenticated users to enumerate active users. Due to a flaw within the way the authentication is handled, an attacker is able to login and verify any active account.
Zohocorp Manageengine Servicedesk Plus 9.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »