Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Manageengine Subscribe
Filtered by product Servicedesk
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-11511 1 Manageengine 1 Servicedesk 2019-10-09 5.0 MEDIUM 7.5 HIGH
The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the filepath parameter for the download-file URL. An unauthenticated remote attacker can use this vulnerability to download arbitrary files.
CVE-2017-11512 1 Manageengine 1 Servicedesk 2019-10-09 5.0 MEDIUM 7.5 HIGH
The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the name parameter for the download-snapshot URL. An unauthenticated remote attacker can use this vulnerability to download arbitrary files.