CVE-2022-25373: ManageEngine Support Center Plus Stored Cross-Site Scripting (XSS)
Matt Dunn discovers another ManageEngine Cross-Site Scripting vulnerability, this one in the Support Center Plus application.
Year: 2022
-
-
Raxis Earns Five-Star Rating
Five stars from Clutch? We got ‘em! Read the details about why our penetration testing and cybersecurity customers say we rock.
-
Raxis Supports Pensacola ROV Team
Raxis is proud to sponsor the Pensacola Catholic High School “Crubotics” robotics team. Its members will compete in June 2022’s World Championships in Long Beach, California. The event is part the MATE ROV competioton
-
CVE-2022-25245: ManageEngine Asset Explorer Information Leakage
Raxis lead penetration tester Matt Dunn discovers an information leakage vulnerability in ManageEngine’s Asset Explorer CVE-2022-25245
-
Exploiting Dirty Pipe (CVE-2022-0847)
The Dirty Pipe vulnerability (CVE-2022-0847) allows any user to write to read-only files, including files that are owned by root, allowing privilege escalation.
-
CVE-2022-24681: ManageEngine AD SelfService Plus Stored Cross-Site Scripting (XSS)
Raxis’ Matt Dunn continues his prolific discovery of new CSS CVEs. This one affects ManageEngine AD SelfService Plus Stored Cross-Site Scripting.
