CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Zohocorp: >> Manageengine Supportcenter Plus Security Vulnerabilities

CVE-2014-100002

Directory traversal vulnerability in ManageEngine SupportCenter Plus 7.9 before 7917 allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the attach parameter to WorkOrder.do in the file attachment for a new ticket.

CVSS Score

5.0

EPSS Score

0.77

Published

2015-01-13

Page 4

Vulnerabilities

Vulnerable Software

Zohocorp: >> Manageengine Supportcenter Plus Security Vulnerabilities

Products

Pricing

Contact Us