Vulnerabilities > Manageengine > Servicedesk

DATE CVE VULNERABILITY TITLE RISK
2017-11-08 CVE-2017-11512 Path Traversal vulnerability in Manageengine Servicedesk 9.3.9328
The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the name parameter for the download-snapshot URL.
network
low complexity
manageengine CWE-22
7.5
2017-11-08 CVE-2017-11511 Information Exposure vulnerability in Manageengine Servicedesk 9.3.9328
The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the filepath parameter for the download-file URL.
network
low complexity
manageengine CWE-200
7.5