Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
xistence vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2014-100002
Directory traversal vulnerability in ManageEngine SupportCenter Plus 7.9 prior to 7917 allows remote malicious users to read arbitrary files via a ..%2f (dot dot encoded slash) in the attach parameter to WorkOrder.do in the file attachment for a new ticket.
Zohocorp Manageengine Supportcenter Plus
1 EDB exploit
760
VMScore
CVE-2015-7387
ZOHO ManageEngine EventLog Analyzer 10.6 build 10060 and previous versions allows remote malicious users to bypass intended restrictions and execute arbitrary SQL commands via an allowed query followed by a disallowed one in the query parameter to event/runQuery.do, as demonstrat...
Zohocorp Manageengine Eventlog Analyzer
2 EDB exploits
515
VMScore
CVE-2011-2755
Directory traversal vulnerability in FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0 before Build 8012 allows remote malicious users to read arbitrary files via unspecified vectors.
Manageengine Servicedesk Plus 8.0
3 EDB exploits
515
VMScore
CVE-2011-2757
Directory traversal vulnerability in FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0.0.12 and previous versions allows remote malicious users to read arbitrary files via a .. (dot dot) in the FILENAME parameter. NOTE: this might overlap the US-CERT VU#543310 issue.
Manageengine Servicedesk Plus
Manageengine Servicedesk Plus 7.6
Manageengine Servicedesk Plus 8.0
Manageengine Servicedesk Plus 7.0.0
3 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started