CVE-2016-1593

Related Files

Novell ServiceDesk Authenticated File Upload

Posted Apr 18, 2016

Authored by Pedro Ribeiro | Site metasploit.com

This Metasploit module exploits an authenticated arbitrary file upload via directory traversal to execute code on the target. It has been tested on versions 6.5 and 7.1.0, in Windows and Linux installations of Novell ServiceDesk, as well as the Virtual Appliance provided by Novell.

tags | exploit, arbitrary, file upload

systems | linux, windows

advisories | CVE-2016-1593

SHA-256 | afb4d4be28fcad92ea6a38d635b3b06845a31d2df0ef58120226aa7d288d0c15

Download | Favorite | View

Novell Service Desk 7.1.0 Code Execution / Information Disclosure

Posted Apr 11, 2016

Authored by Pedro Ribeiro

Novell Service Desk versions 7.1.0 and below suffer from code execution, information disclosure, cross site scripting, remote file upload, HQL injection, and traversal vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, info disclosure, file upload

advisories | CVE-2016-1593, CVE-2016-1594, CVE-2016-1595, CVE-2016-1596

SHA-256 | c58735b33740e5edd50a8cae45802afa2db11198bcbbc4f1e7779e1640bb8f1c

Download | Favorite | View