theguly

7 exploits Active since Aug 2017
CVE-2017-14105 NOMISEC HIGH WORKING POC
HiveManager Classic <8.1r1 - RCE
HiveManager Classic through 8.1r1 allows arbitrary JSP code execution by modifying a backup archive before a restore, because the restore feature does not validate pathnames within the archive. An authenticated, local attacker - even restricted as a tenant - can add a jsp at HiveManager/tomcat/webapps/hm/domains/$yourtenant/maps (it will be exposed at the web interface).
1 stars
CVSS 7.8
CVE-2015-9107 WRITEUP CRITICAL WORKING POC
Zohocorp Manageengine Opmanager - Cryptographic Issue
Zoho ManageEngine OpManager 11 through 12.2 uses a custom encryption algorithm to protect the credential used to access the monitored devices. The implemented algorithm doesn't use a per-system key or even a salt; therefore, it's possible to create a universal decryptor.
CVSS 9.8
CVE-2020-10546 WRITEUP CRITICAL WORKING POC
rConfig <3.9.4 - SQL Injection
rConfig 3.9.4 and previous versions has unauthenticated compliancepolicies.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices.
CVSS 9.8
CVE-2020-10547 WRITEUP CRITICAL WORKING POC
rConfig <3.9.4 - SQL Injection
rConfig 3.9.4 and previous versions has unauthenticated compliancepolicyelements.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices.
CVSS 9.8
CVE-2020-10548 WRITEUP CRITICAL WORKING POC
rConfig <3.9.4 - SQL Injection
rConfig 3.9.4 and previous versions has unauthenticated devices.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices.
CVSS 9.8
CVE-2020-10549 WRITEUP CRITICAL WORKING POC
rConfig <3.9.4 - SQL Injection
rConfig 3.9.4 and previous versions has unauthenticated snippets.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices.
CVSS 9.8
CVE-2020-13778 WRITEUP HIGH WORKING POC
Rconfig < 3.9.4 - OS Command Injection
rConfig 3.9.4 and earlier allows authenticated code execution (of system commands) by sending a forged GET request to lib/ajaxHandlers/ajaxAddTemplate.php or lib/ajaxHandlers/ajaxEditTemplate.php.
CVSS 8.8