.. / CVE-2015-2996

Exploit for SysAid Help Desk <15.2 - Local File Inclusion (CVE-2015-2996)

Description:

SysAid Help Desk before 15.2 contains multiple local file inclusion vulnerabilities which can allow remote attackers to read arbitrary files via .. (dot dot) in the fileName parameter of getGfiUpgradeFile or cause a denial of service (CPU and memory consumption) via .. (dot dot) in the fileName parameter of calculateRdsFileChecksum.

Nuclei Template

View the template here CVE-2015-2996.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2015/CVE-2015-2996.yaml

References:

https://seclists.org/fulldisclosure/2015/Jun/8
https://nvd.nist.gov/vuln/detail/CVE-2015-2996
http://seclists.org/fulldisclosure/2015/Jun/8
https://github.com/ARPSyndicate/kenzer-templates
https://www.sysaid.com/blog/entry/sysaid-15-2-your-voice-your-service-desk

.. / CVE-2015-2996 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for SysAid Help Desk <15.2 - Local File Inclusion (CVE-2015-2996)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2015-2996