CVE-2019-25468

NetGain EM Plus 10.1.68 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands by submitting malicious parameters to the scripttest.jsp endpoint. Attackers can send POST requests with shell commands embedded in the 'content'...

EUVD-2019-19740

NetGain EM Plus 10.1.68 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands by submitting malicious parameters to the scripttest.jsp endpoint. Attackers can send POST requests with shell commands embedded in the 'content'...

CVE-2019-25468

NetGain EM Plus 10.1.68 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands by submitting malicious parameters to the scripttest.jsp endpoint. Attackers can send POST requests with shell commands embedded in the 'content'...

CVE-2019-25468

CVE-2019-25468 affects NetGain EM Plus 10.1.68. It enables unauthenticated remote code execution via the script_test.jsp endpoint; an attacker can send POST requests with a malicious shell command embedded in the content parameter to execute code and retrieve output. The vulnerability is describe...

CVE-2019-25468 NetGain EM Plus 10.1.68 Remote Code Execution via script_test.jsp

NetGain EM Plus 10.1.68 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands by submitting malicious parameters to the scripttest.jsp endpoint. Attackers can send POST requests with shell commands embedded in the 'content'...

CVE-2019-25468 NetGain EM Plus 10.1.68 Remote Code Execution via script_test.jsp

NetGain EM Plus 10.1.68 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands by submitting malicious parameters to the scripttest.jsp endpoint. Attackers can send POST requests with shell commands embedded in the 'content'...

NetGain EM Plus 安全漏洞

NetGain EM Plus is a network and system management software developed by NetGain Company in Singapore. Version 10.1.68 of NetGain EM Plus contains a security vulnerability. This vulnerability stems from the parameter handling in the scripttest.jsp endpoint, which may allow unverified attackers to...

NetGain EM Plus 10.1.68 - Remote Command Execution

/ Exploit Title: NetGain EM Plus = v10.1.68 - Unauthorized Local File Inclusion Date: 15 September 2019 Exploit Author: azams / @TheRealAzams Vendor Homepage: http://netgain-systems.com Software Link: http://www.netgain-systems.com/free/ Version: v10.1.68 Tested on: Linux Install golang:...

Command injection

NetGain Enterprise Manager EM is affected by OS Command Injection vulnerabilities in versions before 10.0.57. These vulnerabilities could allow remote authenticated attackers to inject arbitrary code, resulting in remote code execution...

NetGain Enterprise Manager Authentication Bypass / LFI Vulnerability (May 2017) - Active Check

NetGain EM is prone to authentication bypass and a local file inclusion LFI vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE ...

NetGain EM 7.2.647 build 941 - Authentication Bypass Local File Inclusion

NetGain EM 7.2.647 build 941 - Authentication Bypass Local File Inclusion ''' Exploit Title: Add User Account with Admin Privilege without Login & Local File Inclusion Date: 2017-05-21 Exploit Author: f3ci Vendor Homepage: http://www.netgain-systems.com Software Link:...

NetGain EM 7.2.647 build 941 - Authentication Bypass / Local File Inclusion Vulnerabilities

Exploit for jsp platform in category web applications ''' Exploit Title: Add User Account with Admin Privilege without Login & Local File Inclusion Date: 2017-05-21 Exploit Author: f3ci Vendor Homepage: http://www.netgain-systems.com Software Link:...

NetGain EM 7.2.647 build 941 - Authentication Bypass / Local File Inclusion

''' Exploit Title: Add User Account with Admin Privilege without Login & Local File Inclusion Date: 2017-05-21 Exploit Author: f3ci Vendor Homepage: http://www.netgain-systems.com Software Link: http://www.netgain-systems.com/free-edition-download/ Version: = v7.2.647 build 941 Tested on: Windows...

NetGain Enterprise Manager 7.2.562 Command Execution

Exploit Title: NetGain Enterprise Manager a aPinga Command Injection Date: 23.02.2017 Exploit Author: MrChaZ Vendor Homepage: http://www.netgain-systems.com/ Version: = v7.2.562 build 853 Tested on: Windows 10 Pro 64-bit 10,0 Build 14393 Description:...