Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
servicedesk plus vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2017-9376
ManageEngine ServiceDesk Plus prior to 9314 contains a local file inclusion vulnerability in the defModule parameter in DefaultConfigDef.do and AssetDefaultConfigDef.do.
Zohocorp Manageengine Servicedesk Plus
9.8
CVSSv3
CVE-2019-8395
An Insecure Direct Object Reference (IDOR) vulnerability exists in Zoho ManageEngine ServiceDesk Plus (SDP) prior to 10.0 build 10007 via an attachment to a request.
Zohocorp Manageengine Servicedesk Plus
4.8
CVSSv3
CVE-2020-6843
Zoho ManageEngine ServiceDesk Plus 11.0 Build 11007 allows XSS. This issue was fixed in version 11.0 Build 11010, SD-83959.
Zohocorp Manageengine Servicedesk Plus
NA
CVE-2011-2756
FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0 before Build 8012 does not require authentication, which allows remote malicious users to read files from a specific directory via unspecified vectors.
Manageengine Servicedesk Plus 8.0
6.1
CVSSv3
CVE-2019-12539
An issue exists in the Purchase component of Zoho ManageEngine ServiceDesk Plus. There is XSS via the SearchN.do search field, a different vulnerability than CVE-2019-12189.
Zohocorp Manageengine Servicedesk Plus 10.5
6.1
CVSSv3
CVE-2019-12540
An issue exists in Zoho ManageEngine ServiceDesk Plus 10.5. There is XSS via the WorkOrder.do search field.
Zohocorp Manageengine Servicedesk Plus 10.5
6.1
CVSSv3
CVE-2019-12541
An issue exists in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SolutionSearch.do searchText parameter.
Zohocorp Manageengine Servicedesk Plus 9.3
1 EDB exploit
1 Github repository
6.1
CVSSv3
CVE-2019-12543
An issue exists in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the PurchaseRequest.do serviceRequestId parameter.
Zohocorp Manageengine Servicedesk Plus 9.3
1 EDB exploit
1 Github repository
6.1
CVSSv3
CVE-2023-23073
Cross site scripting (XSS) vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via PO in the purchase component.
Zohocorp Manageengine Servicedesk Plus 14.0
6.1
CVSSv3
CVE-2019-12542
An issue exists in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SearchN.do userConfigID parameter.
Zohocorp Manageengine Servicedesk Plus 9.3
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »