CVE-2025-14730

creationtimestamp| type| source ---|---|--- 2025-12-16 15:03:11+00:00| seen| https://infosec.exchange/users/vuldb/statuses/115729851400584628...

CVE-2024-27314

Zoho ManageEngine ServiceDesk Plus versions below 14730, ServiceDesk Plus MSP below 14720 and SupportCenter Plus below 14720 are vulnerable to stored XSS in the Custom Actions menu on the request details. This vulnerability can be exploited only by the SDAdmin role users...

CVE-2019-14730

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a domain from a victim's account via an attacker account...

CVE-2024-27314

Zoho ManageEngine ServiceDesk Plus versions below 14730, ServiceDesk Plus MSP below 14720 and SupportCenter Plus below 14720 are vulnerable to stored XSS in the Custom Actions menu on the request details. This vulnerability can be exploited only by the SDAdmin role users...

CVE-2024-27314 Stored XSS Vulnerability

Zoho ManageEngine ServiceDesk Plus versions below 14730, ServiceDesk Plus MSP below 14720 and SupportCenter Plus below 14720 are vulnerable to stored XSS in the Custom Actions menu on the request details. This vulnerability can be exploited only by the SDAdmin role users...

PT-2024-5294 · Zoho · Zoho Manageengine Servicedesk Plus +1

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ServiceDesk Plus versions below 14730 Zoho ManageEngine ServiceDesk Plus MSP versions below 14720 Zoho ManageEngine SupportCenter Plus versions below 14720 Description: The vulnerability exists in the Custom Actions componen...

Zoho ManageEngine Application Manager SQL Injection Vulnerability (CNVD-2021-05408)

ZOHO ManageEngine Application Manager is a set of application monitoring and management system of the United States ZhuoHao ZOHO company. The system is mainly used to monitor server and application performance. A SQL injection vulnerability exists in Zoho ManageEngine Application Manager 14.7 Bui...

CVE-2020-15521

Zoho ManageEngine Applications Manager before 14 build 14730 has no protection against jsp/header.jsp Cross-site Scripting XSS...

brocode (>=1.0.0 <=2.0.0-pre4), browserify-lazy-server (>=0.0.0-beta.0 <=0.0.0-beta.1) +10 more potentially affected by CVE-2018-14730 via browserify-hmr (=0.3.7)

browserify-hmr NPM version =0.3.7 is affected by a known vulnerability. The following packages have a transitive dependency on browserify-hmr and may be impacted: - brocode =1.0.0, =0.0.0-beta.0, =0.2.0, =3.5.0, =1.0.0, =0.0.3, =2.3.0, =0.1.0, =1.0.0, =0.1.0, =0.0.11, =0.0.13 Source cves:...

CVE-2019-14730

CVE-2019-14730 affects CentOS Web Panel 0.9.8.851. The vulnerability is an insecure object reference that allows an attacker with an account to delete a domain from another user’s account. Root cause: insufficient access control around domain management/object references. Impact: unauthorized dom...

CVE-2018-14730

The CVE-2018-14730 entry concerns Browserify-HMR. Affected component: the WebSocket server used for Hot Module Replacement. Root cause: origin validation is missing, allowing any origin to receive HMR messages via ws://127.0.0.1:3123/ (or similar), enabling an attacker to access a developer’s cod...

CVE-2017-14730

The vulnerability CVE-2017-14730 affects the Gentoo package Gentoo app-admin/logstash-bin (versions before 5.5.3 and 5.6.x before 5.6.1). The root cause is in the init script, which performs recursive chown -R on user-writable directory trees. This enables a local attacker to exploit access to a ...