8 matches found
CVE-2023-51644
Allegra SiteConfigAction Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
CVE-2023-51644
Allegra SiteConfigAction Improper Access Control Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...
ManageEngine ServiceDesk Plus < 11.3 Build 11306 / ManageEngine ServiceDesk Plus MSP < 10.5 Build 10530 RCE
A remote code execution vulnerability exists in ManageEngine ServiceDesk Plus prior to 11.3 Build 11306 and ManageEngine ServiceDesk Plus MSP prior to 10.5 Build 10530 due to a flaw in the /RestAPI URLs in a servlet and ImportTechnicians in the Struts configuration. Note that Nessus has not teste...
CVE-2021-44077
Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration...
Remote code execution
Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration...
CVE-2021-44077
Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration...
CVE-2021-44077
Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration. Recent assessments:...
PT-2021-6071
Name of the Vulnerable Software and Affected Versions Zoho ManageEngine ServiceDesk Plus versions prior to 11306 Zoho ManageEngine ServiceDesk Plus MSP versions prior to 10530 Zoho ManageEngine SupportCenter Plus versions prior to 11014 Description The issue is related to unauthenticated remote...