exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

Files from Michael Wedl

First Active2023-05-05
Last Active2023-05-05
Jedox 2022.4.2 Database Credential Disclosure
Posted May 5, 2023
Authored by Christoph Mahrl, Patrick Pirker, Michael Wedl, Aron Molnar

Jedox version 2022.4.2 has an information disclosure vulnerability in /be/rpc.php that allows remote authenticated users with the appropriate permissions to modify database connections to disclose the clear text credentials via the test connection function.

tags | exploit, remote, php, info disclosure
advisories | CVE-2022-47880
SHA-256 | 0d65954fe57317294bfe2c400f3db4b3623426f3c49974de9f8966129d23c3cd
Jedox 2020.2.5 Database Credential Disclosure
Posted May 5, 2023
Authored by Christoph Mahrl, Patrick Pirker, Michael Wedl, Aron Molnar

Jedox version 2020.2.5 suffers from having improper access controls in /tc/rpc that allows remote authenticated users to view details of database connections via the class com.jedox.etl.mngr.Connections and the method getGlobalConnection.

tags | exploit, remote, info disclosure
advisories | CVE-2022-47874
SHA-256 | 4978dc2461b1d119aeb99611968991dd695fb91ff2de8614aa5259189ffcb604
Jedox 2020.2.5 Groovy-Scripts Remote Code Execution
Posted May 5, 2023
Authored by Christoph Mahrl, Patrick Pirker, Michael Wedl, Aron Molnar

The Jedox Integrator in Jedox version 2020.2.5 allows remote authenticated users to create Jobs to execute arbitrary code via Groovy-scripts.

tags | exploit, remote, arbitrary
advisories | CVE-2022-47876
SHA-256 | 8065e4e78250d240608b08aca1a8685e42ececaa25eca5af679674be330ecc23
Jedox 2020.2.5 Configurable Storage Path Remote Code Execution
Posted May 5, 2023
Authored by Christoph Mahrl, Patrick Pirker, Michael Wedl, Aron Molnar

Jedox version 2020.2.5 suffers from a remote code execution vulnerability via the configurable storage path.

tags | exploit, remote, code execution
advisories | CVE-2022-47878
SHA-256 | 1f5b7d73b66de8f365d23ecb454074cbd33059b441e26b4c3d83bd8016ebe4dc
Jedox 2020.2.5 Cross Site Scripting
Posted May 5, 2023
Authored by Christoph Mahrl, Patrick Pirker, Michael Wedl, Aron Molnar

Jedox version 2020.2.5 has a persistent cross site scripting vulnerability that allows remote authenticated users to inject arbitrary web scripts or HTML in the logs page via the log module.

tags | exploit, remote, web, arbitrary, xss
advisories | CVE-2022-47877
SHA-256 | 5164b7a5306b238573d253d40ef2fa647e9a36ad1421e0ef98c89b532a85fe01
Jedox 2022.4.2 Directory Traversal / Remote Code Execution
Posted May 5, 2023
Authored by Christoph Mahrl, Patrick Pirker, Michael Wedl, Aron Molnar

Jedox version 2022.4.2 has a directory traversal vulnerability in /be/erpc.php allows remote authenticated users to execute arbitrary code.

tags | exploit, remote, arbitrary, php, file inclusion
advisories | CVE-2022-47875
SHA-256 | c9cad2fb718763533c5af806ca3b6ce9f045e040593ca5a0ad42e98f36535634
Jedox 2022.4.2 RPC Interface Remote Code Execution
Posted May 5, 2023
Authored by Christoph Mahrl, Patrick Pirker, Michael Wedl, Aron Molnar

Jedox version 2022.4.2 has a vulnerability in /be/rpc.php and /be/erpc.php that allows remote authenticated users to load arbitrary PHP classes from the rtn directory and to execute its methods.

tags | exploit, remote, arbitrary, php
advisories | CVE-2022-47879
SHA-256 | ccf211f35f6efc1e74056a425e818939d4b997eb3c43d2de782f50e9ba9d5712
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close