GCVE - cpe:2.3:a:manageengine:desktop_central:9.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:manageengine:desktop_central:9.0:*:*:*:*:*:*:*

part: a version: 9.0 update: *

Vendor	Manageengine (`b7eba64e-d5d7-5395-be8c-84fe138ee37e`)
Product	Desktop Central (`519f9c3e-d4c4-5b3e-b077-347a9991bb6e`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2015-8249`	vulnerable	2026-06-03 14:35:11.469270	Details available The FileUploadServlet class in ManageEngine Desktop Central 9 before build 91093 allows remote attackers to upload and execute arbitrary files via the ConnectionId parameter. Published: 2017-09-27T17:00:00.000Z Updated: 2024-08-06T08:13:31.826Z Open on db.gcve.eu Reference links http://packetstormsecurity.com/files/134806/ManageEngine-Desktop-Central-9-FileUploadServlet-ConnectionId.html http://www.rapid7.com/db/modules/exploit/windows/http/manageengine_connectionid_write https://www.exploit-db.com/exploits/38982/ https://community.rapid7.com/community/infosec/blog/2015/12/14/r7-2015-22-manageengine-desktop-central-9-fileuploadservlet-connectionid-vulnerability-cve-2015-8249	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.