cve/2019/CVE-2019-8394.md

CVE-2019-8394

Description

Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10012 allows remote attackers to upload arbitrary files via login page customization.

POC

Reference

• https://www.exploit-db.com/exploits/46413/

Github

• https://github.com/ARPSyndicate/cvemon
• https://github.com/Ostorlab/KEV
• https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
• https://github.com/cetriext/fireeye_cves
• https://github.com/whitfieldsdad/epss