3 matches found
ManageEngine Desktop Central - Arbitrary File Upload / RCE Vulnerabilities
ManageEngine Desktop Central suffers from code execution and remote shell upload vulnerabilities. Arbitrary file upload / remote code execution in ManageEngine Desktop Central / Desktop Central MSP Discovered by Pedro Ribeiro Agile Information Security...
ManageEngine Password Manager Pro / ManageEngine IT360 - SQL Injection
source: https://www.securityfocus.com/bid/69303/info ManageEngine Password Manager Pro and ManageEngine IT360 are prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
Carna Botnet Analysis Enumerates Vulnerable Network Devices
The Carna botnet, more formally known as the Internet Census 2012, stirred up a hornet’s nest of controversy when it was unveiled in March to a number of popular security mailing lists. An unidentified researcher had found more than 420,000 embedded devices that were accessible online with defaul...