Lucene search
K

4 matches found

Circl
Circl
added 2018/05/29 3:50 p.m.21 views

CVE-2014-8499

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/http/manageenginepmpprivesc.rb 2025-02-06 03:13:42+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:09:32+00:00| seen...

6.5CVSS5.5AI score0.33591EPSS
Exploits9References1
CVE
CVE
added 2014/11/17 4:0 p.m.70 views

CVE-2014-8499

CVE-2014-8499 affects ManageEngine Password Manager Pro (PMP) and PMP MSP editions prior to 7.1 build 7105. An authenticated blind SQL injection in the SEARCH_ALL parameter targets the functions SQLAdvancedALSearchResult.cc and AdvancedSearchResult.cc, enabling an attacker to execute arbitrary SQ...

6.5CVSS8.1AI score0.33591EPSS
Exploits9References9Affected Software1
0day.today
0day.today
added 2014/11/10 12:0 a.m.59 views

Password Manager Pro / Pro MSP - Blind SQL Injection Vulnerability

Exploit for php platform in category web applications Authenticated blind SQL injection in Password Manager Pro / Pro MSP Discovered by Pedro Ribeiro email protected, Agile Information Security ========================================================================== Disclosure: 08/11/2014 / Las...

6.5CVSS0.5AI score0.33591EPSS
Exploits10
Packet Storm
Packet Storm
added 2014/11/09 12:0 a.m.58 views

Password Manager Pro SQL Injection

Hi, This is part 7 of the ManageOwnage series. For previous parts, see 1. Today we have a blind SQL injection in Password Manager Pro PMP that can be abused to escalate privileges for a low privileged user like a guest to the "super administrator". Using our new powers we can then dump the whole...

6.5CVSS0.9AI score0.33591EPSS
Exploits10
Rows per page
Query Builder