17 matches found
EUVD-2008-1436
Malware in sbrugna...
ManageEngine SupportCenter Plus < 14.9 Build 14940 Privilege Escalation
The version of ManageEngine SupportCenter Plus installed on the remote host is prior to 14.9 Build 14940. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-8309 advisory. - A privilege escalation vulnerability caused by the overly permissive regular expression regex rule...
CVE-2008-1432
Cross-site scripting XSS vulnerability in SolutionSearch.do in ManageEngine SupportCenter Plus 7.0.0 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter, a related issue to CVE-2008-1299. NOTE: the provenance of this information is unknown; the details are...
ManageEngine SupportCenter Plus < 14.8 Build 14810
The version of ManageEngine SupportCenter Plus installed on the remote host is prior to 14.8 Build 14810. It is, therefore, affected by a vulnerability as referenced in the support-centerCVE-2024-41150 advisory. - An Stored Cross-site Scripting vulnerability in request module affects Zohocorp...
ManageEngine SupportCenter Plus < 14.7 Build 14720
The version of ManageEngine SupportCenter Plus installed on the remote host is prior to 14.7 Build 14720. It is, therefore, affected by a vulnerability as referenced in the support-centercve-2024-27314 advisory. - A stored cross-site scripting XSS vulnerability allowed users with the SDAdmin role...
ManageEngine SupportCenter Plus < 11.0 Build 11023
The version of ManageEngine SupportCenter Plus installed on the remote host is prior to 11.0 Build 11023, 11.0 Build 11023, 11.0 Build 11023. It is, therefore, affected by a vulnerability as referenced in the support- centercve-2022-36412 advisory. - In Zoho ManageEngine SupportCenter Plus before...
ManageEngine SupportCenter Plus < 14.2 Build 14200
The version of ManageEngine SupportCenter Plus installed on the remote host is prior to 14.2 Build 14200. It is, therefore, affected by a vulnerability as referenced in the support-centerCVE-2023-38331 advisory. - Zoho ManageEngine Support Center Plus 14001 and below is vulnerable to stored XSS i...
ManageEngine SupportCenter Plus < 11.0 Build 11025
The version of ManageEngine SupportCenter Plus installed on the remote host is prior to 11.0 Build 11025. It is, therefore, affected by a vulnerability as referenced in the support-centercve-2022-40773 advisory. - Zoho ManageEngine ServiceDesk Plus MSP before 10609 and SupportCenter Plus before...
PT-2023-24732 · Zoho · Zoho Manageengine Servicedesk Plus +1
Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ServiceDesk Plus versions prior to 14202 Zoho ManageEngine ServiceDesk Plus MSP versions prior to 14300 Zoho ManageEngine SupportCenter Plus versions prior to 14300 Description: The issue allows unprivileged users to access...
ManageEngine SupportCenter Plus < 14.0 Build 14000 Privilege Escalation
The version of ManageEngine SupportCenter Plus prior to 14.0 Build 14000 is running on the remote web server. It is, therefore, affected by the following: - A privilege escalation vulnerability in query reports. This vulnerability allows an attacker to gain access to restricted data in a Postgres...
ZOHO ManageEngine SupportCenter Plus Cross-Site Scripting Vulnerability (CNVD-2018-19734)
ZOHO ManageEngine SupportCenter Plus is a suite of customer service support management software from ZOHO USA. The software provides help desk, customer management, service level management and tracking of customer requests. A cross-site scripting vulnerability exists in ZOHO ManageEngine...
ManageEngine SupportCenter Plus 8.1.0 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: ManageEngine SupportCenter Plus 8.1.0 - HTML Injection and Stored XSS Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.manageengine.com/ Hardware Link : https://www.manageengine.com/products/support-center/ Software ...
ManageEngine SupportCenter Plus Multiple Vulnerabilities (Jun 2015)
ManageEngine SupportCenter Plus is prone to multiple vulnerabilities. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
CVE-2014-100002
Directory traversal vulnerability in ManageEngine SupportCenter Plus 7.9 before 7917 allows remote attackers to read arbitrary files via a ..%2f dot dot encoded slash in the attach parameter to WorkOrder.do in the file attachment for a new ticket...
Directory traversal
Directory traversal vulnerability in ManageEngine SupportCenter Plus 7.9 before 7917 allows remote attackers to read arbitrary files via a ..%2f dot dot encoded slash in the attach parameter to WorkOrder.do in the file attachment for a new ticket...
ManageEngine SupportCenter Plus Detection
The remote web server hosts ManageEngine SupportCenter Plus, a web- based customer support application written in Java. %NASLMINLEVEL 70300 C Tenable, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid55447; scriptversion"1.10";...
ManageEngine Support Center Plus 7.8 Build 7801 - Directory Traversal
ManageEngine Support Center Plus 7.8 Build 7801 - Directory Traversal Advisory: ManageEngine Support Center Plus 7.8 build 0x90.nl Software link: http://www.manageengine.com/products/support-center/download.html Tested on: Linux & Windows Category: Directory Traversal Severity: High Google Dork:...