ManageEngine opManager 12.3.150 – Authenticated Code Execution
>> TAG: #remote exploit
ManageEngine opManager 12.3.150 – Authenticated Code Execution
Agent Tesla Botnet – Arbitrary Code Execution (Metasploit)
Agent Tesla Botnet – Arbitrary Code Execution
Azorult Botnet – SQL Injection
Joomla! Component JS Support Ticket (com_jssupportticket) 1.1.6 – ‘ticketreply.php’ SQL Injection
osTicket 1.12 – Persistent Cross-Site Scripting via File Upload
Joomla! Component JS Support Ticket (com_jssupportticket) 1.1.6 – ‘ticket.php’ Arbitrary File Deletion
osTicket 1.12 – Persistent Cross-Site Scripting
osTicket 1.12 – Formula Injection
ManageEngine Application Manager 14.2 – Privilege Escalation / Remote Command Execution (Metasploit)