CVE-2011-2757

This Metasploit module exploits an unauthenticated path traversal vulnerability in ManageEngine ServiceDesk Plus (CVE-2011-2757) to retrieve arbitrary files from the filesystem. It sends a crafted HTTP GET request to 'FileDownload.jsp' with traversal sequences to access files outside the intended directory.

This Perl script exploits a directory traversal vulnerability in ManageEngine ServiceDesk <= 8.0.0.12 to disclose database backup files. It retrieves server logs to locate backup paths and constructs URLs to download them.

This is a writeup describing a directory traversal vulnerability in ManageEngine ServiceDesk Plus 8.0. The vulnerability allows attackers to access local files by manipulating file paths with '../' sequences.

This exploit demonstrates a directory traversal vulnerability in ManageEngine Support Center Plus 7.8 build <= 7801, allowing unauthenticated attackers to read arbitrary files on the server, including sensitive files like /etc/shadow or database files.