exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

Files from Aron Molnar

First Active2023-05-05
Last Active2023-05-05
Jedox 2022.4.2 Database Credential Disclosure
Posted May 5, 2023
Authored by Christoph Mahrl, Patrick Pirker, Michael Wedl, Aron Molnar

Jedox version 2022.4.2 has an information disclosure vulnerability in /be/rpc.php that allows remote authenticated users with the appropriate permissions to modify database connections to disclose the clear text credentials via the test connection function.

tags | exploit, remote, php, info disclosure
advisories | CVE-2022-47880
SHA-256 | 0d65954fe57317294bfe2c400f3db4b3623426f3c49974de9f8966129d23c3cd
Jedox 2020.2.5 Database Credential Disclosure
Posted May 5, 2023
Authored by Christoph Mahrl, Patrick Pirker, Michael Wedl, Aron Molnar

Jedox version 2020.2.5 suffers from having improper access controls in /tc/rpc that allows remote authenticated users to view details of database connections via the class com.jedox.etl.mngr.Connections and the method getGlobalConnection.

tags | exploit, remote, info disclosure
advisories | CVE-2022-47874
SHA-256 | 4978dc2461b1d119aeb99611968991dd695fb91ff2de8614aa5259189ffcb604
Jedox 2020.2.5 Groovy-Scripts Remote Code Execution
Posted May 5, 2023
Authored by Christoph Mahrl, Patrick Pirker, Michael Wedl, Aron Molnar

The Jedox Integrator in Jedox version 2020.2.5 allows remote authenticated users to create Jobs to execute arbitrary code via Groovy-scripts.

tags | exploit, remote, arbitrary
advisories | CVE-2022-47876
SHA-256 | 8065e4e78250d240608b08aca1a8685e42ececaa25eca5af679674be330ecc23
Jedox 2020.2.5 Configurable Storage Path Remote Code Execution
Posted May 5, 2023
Authored by Christoph Mahrl, Patrick Pirker, Michael Wedl, Aron Molnar

Jedox version 2020.2.5 suffers from a remote code execution vulnerability via the configurable storage path.

tags | exploit, remote, code execution
advisories | CVE-2022-47878
SHA-256 | 1f5b7d73b66de8f365d23ecb454074cbd33059b441e26b4c3d83bd8016ebe4dc
Jedox 2020.2.5 Cross Site Scripting
Posted May 5, 2023
Authored by Christoph Mahrl, Patrick Pirker, Michael Wedl, Aron Molnar

Jedox version 2020.2.5 has a persistent cross site scripting vulnerability that allows remote authenticated users to inject arbitrary web scripts or HTML in the logs page via the log module.

tags | exploit, remote, web, arbitrary, xss
advisories | CVE-2022-47877
SHA-256 | 5164b7a5306b238573d253d40ef2fa647e9a36ad1421e0ef98c89b532a85fe01
Jedox 2022.4.2 Directory Traversal / Remote Code Execution
Posted May 5, 2023
Authored by Christoph Mahrl, Patrick Pirker, Michael Wedl, Aron Molnar

Jedox version 2022.4.2 has a directory traversal vulnerability in /be/erpc.php allows remote authenticated users to execute arbitrary code.

tags | exploit, remote, arbitrary, php, file inclusion
advisories | CVE-2022-47875
SHA-256 | c9cad2fb718763533c5af806ca3b6ce9f045e040593ca5a0ad42e98f36535634
Jedox 2022.4.2 RPC Interface Remote Code Execution
Posted May 5, 2023
Authored by Christoph Mahrl, Patrick Pirker, Michael Wedl, Aron Molnar

Jedox version 2022.4.2 has a vulnerability in /be/rpc.php and /be/erpc.php that allows remote authenticated users to load arbitrary PHP classes from the rtn directory and to execute its methods.

tags | exploit, remote, arbitrary, php
advisories | CVE-2022-47879
SHA-256 | ccf211f35f6efc1e74056a425e818939d4b997eb3c43d2de782f50e9ba9d5712
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close