• info
• discussion
• exploit
• solution
• references

ManageEngine Support Center Plus Multiple Security Vulnerabilities

ManageEngine Support Center Plus is prone to the following security vulnerabilities:

1. An SQL-injection vulnerability
2. Multiple HTML-injection vulnerabilities
3. Multiple security-bypass vulnerability

The attacker may exploit these issues to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, and bypass certain security restrictions to perform unauthorized actions.