Description
ManageEngine PasswordManager Pro (PMP) allows remote attackers to obtain administrative access to a database by injecting a certain command line for the mysql program, as demonstrated by the "-port 2345" and "-u root" arguments. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by anonymous · textremotemultiple
https://www.exploit-db.com/exploits/29931
References (2)
Core 2
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/23693
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/40188
Scores
EPSS
0.0541
EPSS Percentile
90.2%
Details
Status
published
Products (1)
manageengine/passwordmanager_pro
Published
May 02, 2007
Tracked Since
Feb 18, 2026