what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 54 RSS Feed

Files

ManageEngine Shell Upload / Directory Traversal
Posted Jan 5, 2015
Authored by Pedro Ribeiro

ManageEngine products Service Desk Plus, Asset Explorer, Support Center, and IT360 suffer from file upload and directory traversal vulnerabilities.

tags | exploit, vulnerability, file inclusion, file upload
advisories | CVE-2014-5301, CVE-2014-5302
SHA-256 | b54ee8abb80c4bd0609677cf861ed3705c479b3f720f286b5441144adbe04dd3

Related Files

Manage Engine Exchange Reporter Plus Unauthenticated Remote Code Execution
Posted Jul 12, 2018
Authored by Kacper Szurek | Site metasploit.com

This Metasploit module exploits a remote code execution vulnerability that exists in Exchange Reporter Plus versions 5310 and below, caused by execution of bcp.exe file inside ADSHACluster servlet

tags | exploit, remote, code execution
SHA-256 | 3d8c5a206e655ffc1020ae9dc72f79a8470fd65b1714a8754570a275ba8cf2ad
ManageEngine Application Manager Remote Code Execution
Posted Mar 29, 2018
Authored by Mehmet Ince | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in the ManageEngine Application Manager product. An unauthenticated user can execute an operating system command under the context of privileged user. The publicly accessible testCredential.do endpoint takes multiple user inputs and validates supplied credentials by accessing the given system. This endpoint calls several internal classes and then executes powershell script without validating user supplied parameter when the given system is OfficeSharePointServer.

tags | exploit
advisories | CVE-2018-7890
SHA-256 | a9eac798117fa04eab31bed74f5ad242fd765118d1e7c673979dc44d64574e70
ManageEngine ServiceDesk Plus 9.2 Build 9207 Information Disclosure
Posted Oct 20, 2016
Authored by p0z

ManageEngine ServiceDesk Plus version 9.2 build 9207 suffers from an unauthorized information disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | ca5032b6240d7fcfedfe155b4a2a37add04b02783d944b43d7889190c570b156
ManageEngine Desktop Central 9 FileUploadServlet ConnectionId
Posted Dec 14, 2015
Authored by sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability found in ManageEngine Desktop Central 9. When uploading a 7z file, the FileUploadServlet class does not check the user-controlled ConnectionId parameter in the FileUploadServlet class. This allows a remote attacker to inject a null bye at the end of the value to create a malicious file with an arbitrary file type, and then place it under a directory that allows server-side scripts to run, which results in remote code execution under the context of SYSTEM. Please note that by default, some ManageEngine Desktop Central versions run on port 8020, but older ones run on port 8040. Also, using this exploit will leave debugging information produced by FileUploadServlet in file rdslog0.txt. This exploit was successfully tested on version 9, build 90109 and build 91084.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2015-8249
SHA-256 | 8c99cf5f1217da665c86fd771e4aa70d6faca00dd6c6fcfa981543f8297351af
ManageEngine ServiceDesk Plus Arbitrary File Upload
Posted Oct 8, 2015
Authored by Pedro Ribeiro | Site metasploit.com

This Metasploit module exploits a file upload vulnerability in ManageEngine ServiceDesk Plus. The vulnerability exists in the FileUploader servlet which accepts unauthenticated file uploads. This Metasploit module has been tested successfully on versions v9 b9000 - b9102 in Windows and Linux. The MSP versions do not expose the vulnerable servlet.

tags | exploit, file upload
systems | linux, windows
SHA-256 | 420d521b451538bcdb3d95efb3417571e395f8709b295655dad279c97881d455
ManageEngine ServiceDesk Plus 9.1 Build 9110 Path Traversal
Posted Oct 6, 2015
Authored by xistence

ManageEngine ServiceDesk Plus versions 9.1 build 9110 and below suffer from a path traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | f8c2df4202c241dffb8fdf7f5b2b23f85c16dc7b6036aaef2466f7f1c632fa98
ManageEngine EventLog Analyzer Remote Code Execution
Posted Sep 28, 2015
Authored by xistence | Site metasploit.com

This Metasploit module exploits a SQL query functionality in ManageEngine EventLog Analyzer v10.6 build 10060 and previous versions. Every authenticated user, including the default "guest" account can execute SQL queries directly on the underlying Postgres database server. The queries are executed as the "postgres" user which has full privileges and thus is able to write files to disk. This way a JSP payload can be uploaded and executed with SYSTEM privileges on the web server. This Metasploit module has been tested successfully on ManageEngine EventLog Analyzer 10.0 (build 10003) over Windows 7 SP1.

tags | exploit, web
systems | windows
SHA-256 | 883715a7f63b19f3be245204a59084b8ad642d1866b7fdd2c6b33080b2dcb675
ManageEngine EventLog Analyzer 10.6 Build 10060 SQL Query Execution
Posted Sep 16, 2015
Authored by xistence

ManageEngine EventLog Analyzer version 10.6 build 10060 suffers from a SQL query execution vulnerability.

tags | exploit, sql injection
SHA-256 | e43184b3c2e6936208082a4f3f3c97ec7847e32991323e490bc64eafefc58612
ManageEngine OpManager 11.5 Hardcoded Credential / SQL Bypass
Posted Sep 16, 2015
Authored by xistence

ManageEngine OpManager versions 11.5 and below suffer from SQL query protection bypass and has hard-coded credentials.

tags | exploit
SHA-256 | 14e7eded55b53f71e7a0c1efbb36f40694306d92477d8cda6fe7cfc83868d93e
ManageEngine Asset Explorer 6.1 Cross Site Scripting
Posted Jun 24, 2015
Authored by Suraj Krishnaswami

ManageEngine Asset Explorer version 6.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-2169
SHA-256 | 0e0cbef4faaa90dd611f268ecebd5e06de49fa975ef884e5b752fbdcd43706b1
Manage Engine AD Audit Manager Plus Cross Site Scripting
Posted Mar 10, 2015
Authored by Harish Ramadoss

Manage Engine AD Audit Manager Plus versions below build 6270 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-1026
SHA-256 | 4735134ce9bdd039e2630ec69133cc374c5e9bd945eade4e8fdf2b899bfb27a2
ManageEngine Multiple Products Authenticated File Upload
Posted Jan 20, 2015
Authored by Pedro Ribeiro | Site metasploit.com

This Metasploit module exploits a directory traversal vulnerability in ManageEngine ServiceDesk, AssetExplorer, SupportCenter and IT360 when uploading attachment files. The JSP that accepts the upload does not handle correctly '../' sequences, which can be abused to write in the file system. Authentication is needed to exploit this vulnerability, but this module will attempt to login using the default credentials for the administrator and guest accounts. Alternatively you can provide a pre-authenticated cookie or a username / password combo. For IT360 targets enter the RPORT of the ServiceDesk instance (usually 8400). All versions of ServiceDesk prior v9 build 9031 (including MSP but excluding v4), AssetExplorer, SupportCenter and IT360 (including MSP) are vulnerable. At the time of release of this module, only ServiceDesk v9 has been fixed in build 9031 and above. This Metasploit module has been been tested successfully in Windows and Linux on several versions.

tags | exploit
systems | linux, windows
advisories | CVE-2014-5301
SHA-256 | cfe15941681878a96b266d26c1d7d9356a553c192cb7478e884d2b24e8196dcb
ManageEngine Netflow Analyzer / IT360 File Download
Posted Dec 1, 2014
Authored by Pedro Ribeiro

ManageEngine Netflow Analyzer and IT360 suffer from an arbitrary file download vulnerability.

tags | exploit, arbitrary
advisories | CVE-2014-5445, CVE-2014-5446
SHA-256 | f28c12e2709e29fe58c181837e6106a9c54c5b1f2469324aa04db88e1e55be7f
ManageEngine EventLog Analyzer SQL / Credential Disclosure
Posted Nov 6, 2014
Authored by Pedro Ribeiro

ManageEngine EventLog Analyzer suffers from SQL information and credential disclosure vulnerabilities.

tags | exploit, vulnerability, info disclosure
advisories | CVE-2014-6038, CVE-2014-6039
SHA-256 | ae0902d2d1251e6a705e5a528c9450f71f486b0f84a93f3094c7c09f8e7737f8
ManageEngine DeviceExpert 5.9 Credential Disclosure
Posted Aug 27, 2014
Authored by Pedro Ribeiro

ManageEngine DeviceExpert version 5.9 suffers from a user credential disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 51e22c92f98a813a1c5ec8301f8d7ed43adbe8dcd3be82e7f05dd0b625342ecf
ManageEngine EventLog Analyzer 7 Cross Site Scripting
Posted Aug 27, 2014
Authored by Rodrigo Contarino

ManageEngine EventLog Analyzer version 7.2.2 suffers from multiple reflective cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2014-4930
SHA-256 | 0bf36f68da768952108b58e9e72774b2bf741922f4c175919319cf299d4fe76d
ManageEngine Support Center Plus 7916 Directory Traversal
Posted Jan 28, 2014
Authored by xistence

ManageEngine Support Center Plus versions 7916 and below suffer from a directory traversal vulnerability.

tags | exploit
SHA-256 | 7f3d4cf2f0f2823e532afe04ee4652f5b01e45dec6270e68523714952b7cd42b
ManageEngine EventLog Analyzer 8.6 Cross Site Scripting
Posted Jan 17, 2014
Authored by Asheesh Kumar Mani Tripathi

ManageEngine EventLog Analyzer version 8.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | fb2b863e3a6c89be1bed5b157e455b433c0efa45b5c8a60e740a73a619b3c3ba
ManageEngine Security Manager Plus 5.5 build 5505 SQL Injection
Posted Oct 28, 2012
Authored by egypt, sinn3r, xistence | Site metasploit.com

This Metasploit module exploits a SQL injection found in ManageEngine Security Manager Plus advanced search page, which results in remote code execution under the context of SYSTEM in Windows; or as the user in Linux. Authentication is not required in order to exploit this vulnerability.

tags | exploit, remote, code execution, sql injection
systems | linux, windows
SHA-256 | ae2e0907bda1eeb2906f4560caa8085b35712d1a7fe05eeb19dddd8fe8de7ac1
ManageEngine Security Manager Plus 5.5 SQL Injection
Posted Oct 19, 2012
Authored by xistence

ManageEngine Security Manager Plus versions 5.5 build 5505 remote SYSTEM/root SQL injection exploit that spawns a shell.

tags | exploit, remote, shell, root, sql injection
SHA-256 | 6d2a8bcbddb1c5a2fce72265db430d93c35c4e46841e736af9eb65ee5db7fa47
ManageEngine Security Manager Plus 5.5 Traversal
Posted Oct 19, 2012
Authored by xistence

ManageEngine Security Manager Plus versions 5.5 build 5505 and below suffer from a path traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | fa2c630e11d919d9d1b121504583b9b23aae97d94b41855b33e036271a53318b
ManageEngine Security Manager Plus 5.5 Build 5505 Code Execution
Posted Oct 19, 2012
Authored by xistence | Site metasploit.com

This Metasploit module exploits a SQL injection found in ManageEngine Security Manager Plus advanced search page. It will send a malicious SQL query to create a JSP file under the web root directory, and then let it download and execute our malicious executable under the context of SYSTEM. No authentication is necessary to exploit this.

tags | exploit, web, root, sql injection
SHA-256 | e2984c80e9b18bcfe0bf36c7deb7a463e4967710e4784d8a20eb3c7da32c323b
ManageEngine Support Center Plus 7908 XSS / Shell Upload
Posted Oct 16, 2012
Authored by xistence

ManageEngine Support Center Plus versions 7908 and below suffer from multiple cross site scripting and shell upload vulnerabilities.

tags | exploit, shell, vulnerability, xss
SHA-256 | ce1d93bee37427da393ef8b2a378940e15f95dfe2266842aa8f8b6171109489a
ManageEngine Device Expert 5.6 Directory Traversal
Posted Mar 19, 2012
Authored by rgod | Site retrogod.altervista.org

ManageEngine Device Expert version 5.6 suffers from a Java Server ScheduleResultViewer servlet unauthenticated remote directory traversal vulnerability.

tags | exploit, java, remote, file inclusion
SHA-256 | ac9ce0ef47d738091d599b3ea17bfa50dae411a0fcf3d690ac1f2757cfe3424d
ManageEngine ServiceDesk 8.0.0.12 Database Disclosure
Posted Jul 7, 2011
Authored by @ygoltsev

ManageEngine ServiceDesk versions 8.0.0.12 and below suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 8ff8cb00de08190c593785661a3f7dc8b780a7ae05d5a439665cefd854ff9a44
Page 2 of 3
Back123Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close