Loading
Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10012 allows remote attackers to upload arbitrary files via login page customization.
Use CWE-434, Zohocorp vendor hub and Manageengine Servicedesk Plus product page to widen CVE-2019-8394 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2024-38869, CVE-2023-35785 and CVE-2023-26601 for nearby disclosures in the same product family.