Lucene search
+L

6 matches found

0day.today
0day.today
added 2019/06/06 12:0 a.m.131 views

Zoho ManageEngine ServiceDesk Plus 9.3 - (PurchaseRequest.do) Cross-Site Scripting Vulnerability

Exploit for java platform in category web applications Exploit Title: Zoho ManageEngine ServiceDesk Plus 9.3 Cross-Site Scripting via PurchaseRequest.do Exploit Author: Tarantula Team - VinCSS a member of Vingroup Vendor Homepage: https://www.manageengine.com/products/service-desk Version: Zoho...

4.3CVSS6.4AI score0.06056EPSS
Exploits5
Cvelist
Cvelist
added 2019/06/05 2:15 p.m.36 views

CVE-2019-12543

An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the PurchaseRequest.do serviceRequestId parameter...

5.9AI score0.06056EPSS
Exploits5References2
CVE
CVE
added 2019/06/05 2:15 p.m.96 views

CVE-2019-12543

CVE-2019-12543 affects Zoho ManageEngine ServiceDesk Plus 9.3. It is a Cross-Site Scripting (XSS) vulnerability via the PurchaseRequest.do parameter serviceRequestId (e.g., /PurchaseRequest.do?operation=getAssociatedPrsForSR&serviceRequestId=…). Root cause: insufficient input validation/sanitizat...

6.1CVSS5.8AI score0.06056EPSS
Exploits5References2Affected Software1
Packet Storm
Packet Storm
added 2019/06/04 12:0 a.m.245 views

Zoho ManageEngine ServiceDesk Plus 9.3 Cross Site Scripting

Exploit Title: Zoho ManageEngine ServiceDesk Plus 9.3 Cross-Site Scripting via SiteLookup.do Date: 2019-06-04 Exploit Author: Tarantula Team - VinCSS a member of Vingroup Vendor Homepage: https://www.manageengine.com/products/service-desk Version: Zoho ManageEngine ServiceDesk Plus 9.3 CVE :...

0.06056EPSS
Exploits17
exploitpack
exploitpack
added 2019/06/04 12:0 a.m.93 views

Zoho ManageEngine ServiceDesk Plus 9.3 - PurchaseRequest.do Cross-Site Scripting

Zoho ManageEngine ServiceDesk Plus 9.3 - PurchaseRequest.do Cross-Site Scripting Exploit Title: Zoho ManageEngine ServiceDesk Plus 9.3 Cross-Site Scripting via PurchaseRequest.do Date: 2019-06-04 Exploit Author: Tarantula Team - VinCSS a member of Vingroup Vendor Homepage:...

4.3CVSS0.1AI score0.06056EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/06/04 12:0 a.m.244 views

Zoho ManageEngine ServiceDesk Plus 9.3 - 'PurchaseRequest.do' Cross-Site Scripting

Exploit Title: Zoho ManageEngine ServiceDesk Plus 9.3 Cross-Site Scripting via PurchaseRequest.do Date: 2019-06-04 Exploit Author: Tarantula Team - VinCSS a member of Vingroup Vendor Homepage: https://www.manageengine.com/products/service-desk Version: Zoho ManageEngine ServiceDesk Plus 9.3 CVE :...

6.1CVSS6.3AI score0.06056EPSS
Exploits5
Rows per page
Query Builder