CVE-2011-2755

Manageengine Servicedesk Plus - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0 before Build 8012 allows remote attackers to read arbitrary files via unspecified vectors.

Exploits (3)

exploitdb WORKING POC

webappsjsp

https://www.exploit-db.com/exploits/17442

View Code ZIP pw:eip

exploitdb WRITEUP

webappsjsp

https://www.exploit-db.com/exploits/17437

View Code ZIP pw:eip

exploitdb WORKING POC

perlwebappsjsp

https://www.exploit-db.com/exploits/17503

View Code ZIP pw:eip

References (1)

[US Government Resource] http://www.kb.cert.org/vuls/id/543310

Scores

EPSS 0.0297

EPSS Percentile 86.5%

Details

CWE

CWE-22

Status published

Products (1)

manageengine/servicedesk_plus 8.0

Published Jul 17, 2011

Tracked Since Feb 18, 2026