5 matches found
CVE-2022-40770
Zoho ManageEngine ServiceDesk Plus versions 13010 and prior are vulnerable to authenticated command injection. This can be exploited by high-privileged users...
Design/Logic Flaw
Incomplete List of Disallowed Inputs in ManageEngine ServiceDesk Plus before version 11205 allows a remote, authenticated attacker to execute arbitrary commands with SYSTEM privileges...
ZOHO ManageEngine ServiceDesk Plus HTML Injection Vulnerability
ZOHO ManageEngine ServiceDesk is the United States ZhuoHao ZOHO company's set of web-based help desk HelpDesk and asset management software. An HTML injection vulnerability exists in ManageEngine ServiceDesk Plus 9.2 and prior versions, which stems from the program's inability to adequately filte...
ManageEngine Service Desk Plus 8.1 Stored XSS
Exploit for php platform in category web applications !/usr/bin/python ''' Author: loneferret of Offensive Security Product: ManageEngine Service Desk Plus Windows standard Version: 8.1 Vendor Site: http://www.manageengine.com Software Download:...
ManageEngine Service Desk Plus 8.0 Directory Traversal Vulnerability
Exploit for jsp platform in category web applications Google Dork: ie: intitle:ManageEngine ServiceDesk Plus" Author: Keith Lee email protected Software Link: http://www.manageengine.com/products/service-desk/91677414/ManageEngineServiceDeskPlus.exe Version: 8.0 Description: Directory traversal...