35 matches found
EUVD-2008-1436
Malware in sbrugna...
EUVD-2022-39124
Malicious code in bioql PyPI...
ManageEngine SupportCenter Plus < 14.9 Build 14940 Privilege Escalation
The version of ManageEngine SupportCenter Plus installed on the remote host is prior to 14.9 Build 14940. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-8309 advisory. - A privilege escalation vulnerability caused by the overly permissive regular expression regex rule...
CVE-2021-43296
Zoho ManageEngine SupportCenter Plus before 11016 is vulnerable to an SSRF attack in ActionExecutor...
CVE-2008-1432
Cross-site scripting XSS vulnerability in SolutionSearch.do in ManageEngine SupportCenter Plus 7.0.0 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter, a related issue to CVE-2008-1299. NOTE: the provenance of this information is unknown; the details are...
ManageEngine SupportCenter Plus < 14.8 Build 14810
The version of ManageEngine SupportCenter Plus installed on the remote host is prior to 14.8 Build 14810. It is, therefore, affected by a vulnerability as referenced in the support-centerCVE-2024-41150 advisory. - An Stored Cross-site Scripting vulnerability in request module affects Zohocorp...
ManageEngine SupportCenter Plus < 14.7 Build 14720
The version of ManageEngine SupportCenter Plus installed on the remote host is prior to 14.7 Build 14720. It is, therefore, affected by a vulnerability as referenced in the support-centercve-2024-27314 advisory. - A stored cross-site scripting XSS vulnerability allowed users with the SDAdmin role...
ManageEngine SupportCenter Plus < 11.0 Build 11025
The version of ManageEngine SupportCenter Plus installed on the remote host is prior to 11.0 Build 11025. It is, therefore, affected by a vulnerability as referenced in the support-centercve-2022-40773 advisory. - Zoho ManageEngine ServiceDesk Plus MSP before 10609 and SupportCenter Plus before...
ManageEngine SupportCenter Plus < 14.2 Build 14200
The version of ManageEngine SupportCenter Plus installed on the remote host is prior to 14.2 Build 14200. It is, therefore, affected by a vulnerability as referenced in the support-centerCVE-2023-38331 advisory. - Zoho ManageEngine Support Center Plus 14001 and below is vulnerable to stored XSS i...
ManageEngine SupportCenter Plus < 11.0 Build 11023
The version of ManageEngine SupportCenter Plus installed on the remote host is prior to 11.0 Build 11023, 11.0 Build 11023, 11.0 Build 11023. It is, therefore, affected by a vulnerability as referenced in the support- centercve-2022-36412 advisory. - In Zoho ManageEngine SupportCenter Plus before...
ManageEngine SupportCenter Plus < 11.0 Build 11025
The version of ManageEngine SupportCenter Plus installed on the remote host is prior to 11.0 Build 11025. It is, therefore, affected by a vulnerability as referenced in the support-centercve-2022-42903 advisory. - Zoho ManageEngine SupportCenter Plus through 11024 allows low-privileged users to...
PT-2023-24732 · Zoho · Zoho Manageengine Servicedesk Plus +1
Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ServiceDesk Plus versions prior to 14202 Zoho ManageEngine ServiceDesk Plus MSP versions prior to 14300 Zoho ManageEngine SupportCenter Plus versions prior to 14300 Description: The issue allows unprivileged users to access...
ManageEngine SupportCenter Plus < 14.0 Build 14000 Privilege Escalation
The version of ManageEngine SupportCenter Plus prior to 14.0 Build 14000 is running on the remote web server. It is, therefore, affected by the following: - A privilege escalation vulnerability in query reports. This vulnerability allows an attacker to gain access to restricted data in a Postgres...
ManageEngine SupportCenter Plus < 11.0 Build 11025 Privilege Escalation
A privilege escalation vulnerability exists in ManageEngine SupportCenter Plus prior to 11.0 Build 11025. This vulnerability allows an adversary to access restricted data in the Postgres database setup by using a specific PostgreSQL function in the query, which enables bypassing the validation...
CVE-2022-42903
Zoho ManageEngine SupportCenter Plus through 11024 allows low-privileged users to view the organization users list...
CVE-2022-36412
In Zoho ManageEngine SupportCenter Plus before 11023, V3 API requests are vulnerable to authentication bypass. An API request may, in effect, be executed with the credentials of a user who authenticated in the past...
ZOHO ManageEngine SupportCenter Plus 授权问题漏洞
ZOHO ManageEngine SupportCenter Plus is a web-based customer support software from ZOHO India. It is used to allow organizations to efficiently manage customer requests, their account and contact information, service contracts, and provide a superior customer experience in the process. A security...
CVE-2022-25373
Zoho ManageEngine SupportCenter Plus before 11020 allows Stored XSS in the request history...
CVE-2021-43294
Zoho ManageEngine SupportCenter Plus before 11016 is vulnerable to Reflected XSS in the Products module...
CVE-2021-43294
Zoho ManageEngine SupportCenter Plus before 11016 is vulnerable to Reflected XSS in the Products module...