EIP-2026-102407

The document describes multiple privilege escalation vulnerabilities in ManageEngine ServiceDesk Plus, allowing low-privileged users to access sensitive data such as tickets, attachments, and user assets via parameter manipulation in HTTP requests. It includes proof-of-concept URLs demonstrating the exploits.