Back to search
CVE-2011-2757
Published: Jul 17, 2011
Modified: Sep 16, 2024
PUBLISHED
Description
Directory traversal vulnerability in FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0.0.12 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the FILENAME parameter. NOTE: this might overlap the US-CERT VU#543310 issue.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
17503
exploit
x_refsource_EXPLOIT-DB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now