Lucene search
K

5 matches found

Check Point Advisories
Check Point Advisories
added 2015/11/24 12:0 a.m.7 views

ManageEngine OpManager SubmitQuery IntegrationUser SQL Code Execution (CVE-2015-7765; CVE-2015-7766)

An SQL code execution vulnerability exists in ManageEngine OpManager. By sending crafted requests to an affected server, a remote attacker can exploit this vulnerability to execute arbitrary SQL commands with Administrator privileges which can further lead to arbitrary code execution in the...

9CVSS4.6AI score0.80644EPSS
Exploits4
Cvelist
Cvelist
added 2015/10/09 2:0 p.m.28 views

CVE-2015-7765

ZOHO ManageEngine OpManager 11.5 build 11600 and earlier uses a hardcoded password of "plugin" for the IntegrationUser account, which allows remote authenticated users to obtain administrator access by leveraging knowledge of this password...

6.3AI score0.67284EPSS
Exploits3References5
CVE
CVE
added 2015/10/09 2:0 p.m.110 views

CVE-2015-7765

CVE-2015-7765 affects ManageEngine OpManager (11.5 build 11600 and earlier) and is rooted in a hardcoded IntegrationUser password: "plugin". The vulnerability allows remote authenticated users to obtain administrator access by leveraging this credential, enabling the exploitation of the applicati...

9CVSS6.5AI score0.67284EPSS
Exploits3References5Affected Software1
Circl
Circl
added 2015/09/17 12:0 a.m.29 views

CVE-2015-7765

creationtimestamp| type| source ---|---|--- 2015-09-17 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38221 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/manageengineopmanagerrce.rb 2025-02-06...

9CVSS5.5AI score0.67284EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2015/02/16 12:0 a.m.1353 views

ManageEngine OpManager Default Credentials

The remote ManageEngine OpManager web administration interface uses a known set of hard-coded default credentials. An attacker can use these to gain administrative access to the remote host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'...

9CVSS5.5AI score0.67284EPSS
Exploits3References4
Rows per page
Query Builder