Vulmon Recent Vulnerabilities Trends About Contact

assetexplorer vulnerabilities and exploits

(subscribe to this query)

9
CVSSv2
CVE-2014-5301
Directory traversal vulnerability in ServiceDesk Plus MSP v5 to v9.0 v9030; AssetExplorer v4 to v6.1; SupportCenter v5 to v7.9; IT360 v8 to v10.4....
ManageengineAssetexplorerIt360Servicedesk PlusSupportcenter
9
CVSSv2
CVE-2014-5302
Directory traversal vulnerability in ServiceDesk Plus and Plus MSP v5 through v9.0 v9030; AssetExplorer v4 to v6.1; SupportCenter v5 to v7.9; IT360 v8 to v10.4 allows remote authenticated users to execute arbitrary code....
ManageengineAssetexplorerIt360Servicedesk PlusSupportcenter
4.3
CVSSv2
CVE-2019-12537
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the SearchN.do search field....
ZohocorpManageengine Assetexplorer
4.3
CVSSv2
CVE-2019-12595
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via the RCSettings.do rdsName parameter....
ZohocorpManageengine Assetexplorer
4.3
CVSSv2
CVE-2019-12596
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via SoftwareListView.do with the parameter swType or swComplianceType....
ZohocorpManageengine Assetexplorer
4.3
CVSSv2
CVE-2019-12597
An issue was discovered in Zoho ManageEngine AssetExplorer. There is XSS via ResourcesAttachments.jsp with the parameter pageName....
ZohocorpManageengine Assetexplorer
4.3
CVSSv2
CVE-2018-17596
In Zoho ManageEngine AssetExplorer, a Stored XSS vulnerability was discovered in the 6.2.0 version via the /AssetDef.do ciName or assetName parameter....
ZohocorpManageengine Assetexplorer
6.5
CVSSv2
CVE-2019-12994
Server Side Request Forgery (SSRF) exists in Zoho ManageEngine AssetExplorer version 6.2.0 for the AJaxServlet servlet via a parameter in a URL....
ZohocorpManageengine Assetexplorer
6.5
CVSSv2
CVE-2019-12959
Server Side Request Forgery (SSRF) exists in Zoho ManageEngine AssetExplorer 6.2.0 and before for the ClientUtilServlet servlet via a URL in a parameter....
ZohocorpManageengine Assetexplorer
5.5
CVSSv2
CVE-2019-14693
Zoho ManageEngine AssetExplorer 6.2.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing license XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources....
ZohocorpManageengine Assetexplorer
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-2034SSTImods-for-heskphplistmods for heskCVE-2020-15092CVE-2020-8195open redirectCVE-2018-12371overflowCVE-2012-6489CVE-2013-0802