Published: 17/07/2011 Updated: 19/07/2011

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 515

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Directory traversal vulnerability in FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0 before Build 8012 allows remote malicious users to read arbitrary files via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
manageengine servicedesk plus 8.0

Advisory: ManageEngine Support Center Plus 78 build <= 7801 Directory Traversal Vulnerability Author: Robert 'xistence' van Hamburg - xistence<AT>0x90nl Software link: wwwmanageenginecom/products/support-center/downloadhtml Tested on: Linux & Windows Category: Directory Traversal Severity: High Google Dork: intitle:Ma ...

# Exploit Title: ManageEngine ServiceDesk <= 80012 Database Disclosure # Google Dork: none # Date: 07072011 # Author: @ygoltsev # Software Link: wwwmanageenginecom/ # Version: <=80012 # Tested on: Windows # CVE : None #!/usr/bin/perl use LWP::UserAgent; use File::stat; $ptxt=" ############################################ ...

Google Dork: ie: intitle:ManageEngine ServiceDesk Plus" Author: Keith Lee (keithlee2012@gmailcom), @keith55, milo2012wordpresscom Software Link: wwwmanageenginecom/products/service-desk/91677414/ManageEngine_ServiceDesk_Plusexe Version: 80 Description: Directory traversal vulnerabilities has been found in ManageEngine Servi ...

CWE-22 http://www.kb.cert.org/vuls/id/543310 https://nvd.nist.gov https://www.exploit-db.com/exploits/17442/

CVE-2011-2755

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect