CVEs (26)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Zohocorp 1Manageengine Servicedesk Plus Msp Nov 21, 2024 Dec 20, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Zoho ManageEngine ServiceDesk Plus MSP before 10.5 Build 10534 is vulnerable to unauthenticated remote code execution due to a filter bypass in which authentication is not required. |
1Zohocorp 3Manageengine Servicedesk Plus Manageengine Servicedesk Plus MspManageengine Supportcenter PlusOct 31, 2025 Nov 29, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servl...Show more |
1Zohocorp 1Manageengine Servicedesk Plus Msp May 30, 2025 Jun 29, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Zoho ManageEngine ServiceDesk Plus MSP before 10521 is vulnerable to Server-Side Request Forgery (SSRF). |
1Zohocorp 1Manageengine Servicedesk Plus Msp May 30, 2025 Jun 29, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Zoho ManageEngine ServiceDesk Plus MSP before 10522 is vulnerable to Information Disclosure. |
1Zohocorp 2Manageengine Servicedesk Plus Manageengine Servicedesk Plus MspMay 30, 2025 Jun 29, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Zoho ManageEngine ServiceDesk Plus MSP before 10521 allows an attacker to access internal data. |
1Zohocorp 1Manageengine Servicedesk Plus Msp Nov 21, 2024 Jun 16, 2021 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732. |