Known vulnerabilities in Zoho Corporation Zoho ManageEngine SupportCenter Plus

Vendor: Zoho Corporation
Website: https://www.zohocorp.com/index.html
Total Security Bulletins: 12

Security bulletins (12)

Secuity bulletin Severity Status Published
SB2025081959: Privilege escalation in ManageEngine SupportCenter Plus Medium
Patched
19.08.2025
SB2025072889: Authenticated file inclusion in ServiceDesk Plus MSP and SupportCenter Plus Medium
Patched
28.07.2025
SB2025040723: Stored XSS in ManageEngine ServiceDesk and SupportCenter Low
Patched
07.04.2025
SB2023082333: Multiple vulnerabilities in Zoho ManageEngine SupportCenter Plus High
Patched
23.08.2023
SB2023070636: Security features bypass in Zoho ManageEngine SupportCenter Plus Medium
Patched
06.07.2023
SB2023022104: Multiple vulnerabilities in Zoho ManageEngine SupportCenter Plus Medium
Patched
21.02.2023
SB2023011718: Remote code execution in multiple Zoho ManageEngine products Critical
Patched Exploited
17.01.2023
SB2022120535: Multiple vulnerabilities in ManageEngine ServiceDesk Plus MSP and SupportCenter Plus Medium
Patched
05.12.2022
SB2022112420: XXE in SupportCenter Plus Low
Patched
24.11.2022
SB2022112405: Comman injection in Zoho ManageEngine SupportCenter Plus Low
Patched
24.11.2022
SB2021120607: Multiple vulnerabilities in Zoho ManageEngine SupportCenter Plus Medium
Patched
06.12.2021
SB2021120605: Improper Authentication in Zoho ManageEngine SupportCenter Plus High
Patched
06.12.2021