Posted by xistence on Oct 05

Exploit Title: ManageEngine ServiceDesk Plus <= 9.1 build 9110 – Path
Traversal
Product: ManageEngine ServiceDesk Plus
Vulnerable Versions: 9.1 build 9110 and previous versions
Tested Version: 9.1 build 9110 (Windows)
Advisory Publication: 03/10/2015
Vulnerability Type: Unauthenticated Path Traversal
Credit: xistence <xistence[at]0x90.nl>

Product Description
——————-

ServiceDesk Plus is an ITIL ready IT help desk software…