5 matches found
Code injection
An issue was discovered in the Purchase component of Zoho ManageEngine ServiceDesk Plus. There is XSS via the SearchN.do search field, a different vulnerability than CVE-2019-12189...
Zoho ManageEngine ServiceDesk Plus 9.3 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Zoho ManageEngine ServiceDesk Plus 9.3 Cross-Site Scripting Exploit Author: Enter of VinCSS Vingroup Vendor Homepage: https://www.manageengine.com/products/service-desk Version: Zoho ManageEngine ServiceDesk Plus 9.3 CVE :...
Zoho ManageEngine ServiceDesk Plus 9.3 Cross Site Scripting
Exploit Title: Zoho ManageEngine ServiceDesk Plus 9.3 Cross-Site Scripting Date: 2019-05-21 Exploit Author: Enter of VinCSS Vingroup Vendor Homepage: https://www.manageengine.com/products/service-desk Version: Zoho ManageEngine ServiceDesk Plus 9.3 CVE : CVE-2019-12189 An issue was discovered in...
CVE-2019-12189
creationtimestamp| type| source ---|---|--- 2019-05-21 18:45:25+00:00| seen| https://t.me/cvemitreorg/111...
CVE-2019-12189
CVE-2019-12189 affects Zoho ManageEngine ServiceDesk Plus 9.3. The issue is a Cross-Site Scripting (XSS) vulnerability exposed via the SearchN.do search field, caused by weak validation of the query string. Exploitation is demonstrated in public advisories and exploits (e.g., Exploit-DB entry sho...