Pega Platform 8.1.0 - Remote Code Execution Vulnerability

Exploit Title: Pega Platform 8.1.0 - Remote Code Execution RCE Exploit Author: Marcin Wolak using MOGWAI LABS JMX Exploitation Toolkit Vendor Homepage: www.pega.com Software Link: Not Available Version: 8.1.0 on-premise and higher, up to 8.3.7 Tested on: Red Hat Enterprise 7 CVE : CVE-2022-24082...

Pega Platform 8.1.0 - Remote Code Execution (RCE)

Exploit Title: Pega Platform 8.1.0 - Remote Code Execution RCE Google Dork: N/A Date: 20 Oct 2022 Exploit Author: Marcin Wolak using MOGWAI LABS JMX Exploitation Toolkit Vendor Homepage: www.pega.com Software Link: Not Available Version: 8.1.0 on-premise and higher, up to 8.3.7 Tested on: Red Hat...

Pega Platform 8.7.3 Remote Code Execution Vulnerability

Pega Platform versions 8.1.0 through 8.7.3 suffer from a remote code execution vulnerability. If an on-premise installation of the Pega Platform is configured with the port for the JMX interface exposed to the Internet and port filtering is not properly configured, then it may be possible to uplo...

Pega Platform 8.7.3 Remote Code Execution

Exploit Title: Pega Platform 8.1.0 and higher Remote Code Execution Google Dork: N/A Date: 20 Oct 2022 Exploit Author: Marcin Wolak using MOGWAI LABS JMX Exploitation Toolkit Vendor Homepage: www.pega.com Software Link: Not Available Version: 8.1.0 on-premise and higher, up to 8.7.3 Tested on: Re...

PowerFolder Server 10.4.321 - Remote Code Execution

PowerFolder Server 10.4.321 - Remote Code Execution Mogwai Security Advisory MSA-2016-01 ---------------------------------------------------------------------- Title: PowerFolder Remote Code Execution Vulnerability Product: PowerFolder Server Affected versions: 10.4.321 Linux/Windows Other versio...

iPass Mobile Client Service Privilege Escalation

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class Metasploit3 'iPass Mobile Client Service Privilege Escalation', 'Description' = %q The named pipe, \IPEFSYSPCPIPE, can be accessed by normal users to interact with...

iPass Mobile Client 2.4.2.15122 Privilege Escalation

Mogwai Security Advisory MSA-2015-03 ---------------------------------------------------------------------- Title: iPass Mobile Client service local privilege escalation Product: iPass Mobile Client Affected versions: iPass Mobile Client 2.4.2.15122 Newer version might be also affected Impact:...

WordPress Plugin Pixarbay Images 2.3 - Multiple Vulnerabilities

Mogwai Security Advisory MSA-2015-01 ---------------------------------------------------------------------- Title: WP Pixarbay Images Multiple Vulnerabilities Product: Pixarbay Images Wordpress Plugin Affected versions: 2.3 Impact: high Remote: yes Product link:...

WordPress Plugin Pixarbay Images 2.3 - Multiple Vulnerabilities

WordPress Plugin Pixarbay Images 2.3 - Multiple Vulnerabilities Mogwai Security Advisory MSA-2015-01 ---------------------------------------------------------------------- Title: WP Pixarbay Images Multiple Vulnerabilities Product: Pixarbay Images Wordpress Plugin Affected versions: 2.3 Impact:...

WordPress Pixarbay Images 2.3 XSS / Bypass / Upload / Traversal

Mogwai Security Advisory MSA-2015-01 ---------------------------------------------------------------------- Title: WP Pixarbay Images Multiple Vulnerabilities Product: Pixarbay Images Wordpress Plugin Affected versions: 2.3 Impact: high Remote: yes Product link:...

Typo3 Extension JobControl 2.14.0 - Cross-Site Scripting / SQL Injection

Mogwai Security Advisory MSA-2014-02 ---------------------------------------------------------------------- Title: JobControl dmmjobcontrol Multiple Vulnerabilities Product: dmmjobcontrol Typo3 Extension Affected versions: 2.14.0 Impact: high Remote: yes Product link:...

Typo3 Extension JobControl 2.14.0 - Cross-Site Scripting SQL Injection

Typo3 Extension JobControl 2.14.0 - Cross-Site Scripting SQL Injection Mogwai Security Advisory MSA-2014-02 ---------------------------------------------------------------------- Title: JobControl dmmjobcontrol Multiple Vulnerabilities Product: dmmjobcontrol Typo3 Extension Affected versions:...