3 matches found
CVE-2011-2755
The CVE affects ManageEngine ServiceDesk Plus 8.0 before Build 8012, where FileDownload.jsp in the workorder module is vulnerable to directory traversal due to unsanitized FILENAME parameter. This allows remote, unauthenticated attackers to read arbitrary files via crafted requests (network vecto...
ManageEngine ServiceDesk directory traversal vulnerability
Overview ManageEngine ServiceDesk contains a directory traversal vulnerability which may allow a remote, unauthenticated attacker to obtain sensitive information. Description ManageEngine ServiceDesk Plus 8.0, and possibly prior versions, contains a directory traversal vulnerability in the...
ManageEngine Service Desk Plus 8.0 Directory Traversal Vulnerability
Exploit for jsp platform in category web applications Google Dork: ie: intitle:ManageEngine ServiceDesk Plus" Author: Keith Lee email protected Software Link: http://www.manageengine.com/products/service-desk/91677414/ManageEngineServiceDeskPlus.exe Version: 8.0 Description: Directory traversal...