Show filters
56 Total Results
Displaying 21-30 of 56
Sort by:
Attacker Value
Unknown
CVE-2022-40773
Disclosure Date: November 12, 2022 (last updated December 22, 2024)
Zoho ManageEngine ServiceDesk Plus MSP before 10609 and SupportCenter Plus before 11025 are vulnerable to privilege escalation. This allows users to obtain sensitive data during an exportMickeyList export of requests from the list view.
0
Attacker Value
Unknown
CVE-2022-35403
Disclosure Date: July 12, 2022 (last updated October 07, 2023)
Zoho ManageEngine ServiceDesk Plus before 13008, ServiceDesk Plus MSP before 10606, and SupportCenter Plus before 11022 are affected by an unauthenticated local file disclosure vulnerability via ticket-creation email. (This also affects Asset Explorer before 6977 with authentication.)
0
Attacker Value
Unknown
CVE-2022-32551
Disclosure Date: July 02, 2022 (last updated October 07, 2023)
Zoho ManageEngine ServiceDesk Plus MSP before 10604 allows path traversal (to WEBINF/web.xml from sample/WEB-INF/web.xml or sample/META-INF/web.xml).
0
Attacker Value
Unknown
CVE-2022-25245
Disclosure Date: April 05, 2022 (last updated October 07, 2023)
Zoho ManageEngine ServiceDesk Plus before 13001 allows anyone to know the organisation's default currency name.
0
Attacker Value
Unknown
CVE-2021-46065
Disclosure Date: January 27, 2022 (last updated October 07, 2023)
A Cross-site scripting (XSS) vulnerability in Secondary Email Field in Zoho ManageEngine ServiceDesk Plus 11.3 Build 11306 allows an attackers to inject arbitrary JavaScript code.
0
Attacker Value
Unknown
CVE-2021-44526
Disclosure Date: December 23, 2021 (last updated October 07, 2023)
Zoho ManageEngine ServiceDesk Plus before 12003 allows authentication bypass in certain admin configurations.
0
Attacker Value
Unknown
CVE-2021-44675
Disclosure Date: December 20, 2021 (last updated October 07, 2023)
Zoho ManageEngine ServiceDesk Plus MSP before 10.5 Build 10534 is vulnerable to unauthenticated remote code execution due to a filter bypass in which authentication is not required.
0
Attacker Value
Unknown
CVE-2021-37415
Disclosure Date: September 01, 2021 (last updated February 15, 2024)
Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without authentication.
0
Attacker Value
Unknown
CVE-2021-31160
Disclosure Date: June 29, 2021 (last updated November 28, 2024)
Zoho ManageEngine ServiceDesk Plus MSP before 10521 allows an attacker to access internal data.
0
Attacker Value
Unknown
CVE-2021-31530
Disclosure Date: June 29, 2021 (last updated November 28, 2024)
Zoho ManageEngine ServiceDesk Plus MSP before 10522 is vulnerable to Information Disclosure.
0
