daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enhancement: cves/2015/CVE-2015-2996.yaml by mp

patch-1
MostInterestingBotInTheWorld 2023-02-21 17:01:07 -05:00
parent 33510d2ad7
commit 0d14344256
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cves/2015/CVE-2015-2996.yaml
View File

@ -8,9 +8,9 @@ info:
Multiple directory traversal vulnerabilities in SysAid Help Desk before 15.2 allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the fileName parameter to getGfiUpgradeFile or (2) cause a denial of service (CPU and memory consumption) via a .. (dot dot) in the fileName parameter to calculateRdsFileChecksum.
reference:
- https://seclists.org/fulldisclosure/2015/Jun/8
- https://nvd.nist.gov/vuln/detail/CVE-2015-2996
- https://www.sysaid.com/blog/entry/sysaid-15-2-your-voice-your-service-desk
- http://seclists.org/fulldisclosure/2015/Jun/8
- https://nvd.nist.gov/vuln/detail/CVE-2015-2996
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5