ManageEngine Desktop Central – Java Deserialization (Metasploit)
>> TAG: #remote exploit
ManageEngine Desktop Central – Java Deserialization (Metasploit)
Enhanced Multimedia Router 3.0.4.27 – Cross-Site Request Forgery (Add Admin)
PHPKB Multi-Language 9 – Authenticated Directory Traversal
MiladWorkShop VIP System 1.0 – ‘lang’ SQL Injection
PHPKB Multi-Language 9 – Authenticated Remote Code Execution
PHPKB Multi-Language 9 – ‘image-upload.php’ Authenticated Remote Code Execution
Microsoft Windows 10 (1903/1909) – ‘SMBGhost’ SMB3.1.1 ‘SMB2_COMPRESSION_CAPABILITIES’ Buffer Overflow (PoC)
AnyBurn 4.8 – Buffer Overflow (SEH)
Centos WebPanel 7 – ‘term’ SQL Injection
WatchGuard Fireware AD Helper Component 5.8.5.10317 – Credential Disclosure