Vulnerabilities > Manageengine > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-08 | CVE-2017-11512 | Path Traversal vulnerability in Manageengine Servicedesk 9.3.9328 The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the name parameter for the download-snapshot URL. | 7.5 |
| 2017-11-08 | CVE-2017-11511 | Information Exposure vulnerability in Manageengine Servicedesk 9.3.9328 The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the filepath parameter for the download-file URL. | 7.5 |
| 2017-08-28 | CVE-2014-5302 | Path Traversal vulnerability in Manageengine products Directory traversal vulnerability in ServiceDesk Plus and Plus MSP v5 through v9.0 v9030; AssetExplorer v4 to v6.1; SupportCenter v5 to v7.9; IT360 v8 to v10.4 allows remote authenticated users to execute arbitrary code. | 8.8 |
| 2017-08-28 | CVE-2014-5301 | Path Traversal vulnerability in Manageengine products Directory traversal vulnerability in ServiceDesk Plus MSP v5 to v9.0 v9030; AssetExplorer v4 to v6.1; SupportCenter v5 to v7.9; IT360 v8 to v10.4. | 8.8 |