Enhancement: cves/2015/CVE-2015-2996.yaml by md
parent
bc0844999b
commit
43d1f3979d
|
@ -5,7 +5,7 @@ info:
|
||||||
author: 0x_Akoko
|
author: 0x_Akoko
|
||||||
severity: high
|
severity: high
|
||||||
description: |
|
description: |
|
||||||
Multiple directory traversal vulnerabilities in SysAid Help Desk before 15.2 allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the fileName parameter to getGfiUpgradeFile or (2) cause a denial of service (CPU and memory consumption) via a .. (dot dot) in the fileName parameter to calculateRdsFileChecksum.
|
SysAid Help Desk before 15.2 contains multiple local file inclusion vulnerabilities which can allow remote attackers to read arbitrary files via .. (dot dot) in the fileName parameter of getGfiUpgradeFile or cause a denial of service (CPU and memory consumption) via .. (dot dot) in the fileName parameter of calculateRdsFileChecksum.
|
||||||
reference:
|
reference:
|
||||||
- https://seclists.org/fulldisclosure/2015/Jun/8
|
- https://seclists.org/fulldisclosure/2015/Jun/8
|
||||||
- https://www.sysaid.com/blog/entry/sysaid-15-2-your-voice-your-service-desk
|
- https://www.sysaid.com/blog/entry/sysaid-15-2-your-voice-your-service-desk
|
||||||
|
|
Loading…
Reference in New Issue