Raxis Blog Posts By Author
-
CVE-2022-35739: PRTG Network Monitor Cascading Style Sheets (CSS) InjectionThis CSS vulnerability, discovered by Raxis lead penetration tester Matt Mathur, lies in a device’s properties and how they are verified and displayed within PRTG Network Monitor. -
CVE-2022-26653 & CVE-2022-26777: ManageEngine Remote Access Plus Guest User Insecure Direct Object ReferencesRaxis lead penetration tester Matt Dunn uncovers two more ManageEngine vulnerabilities (CVE-2022-26653 & CVE-2022-26777). -
CVE-2022-25373: ManageEngine Support Center Plus Stored Cross-Site Scripting (XSS)Matt Dunn discovers another ManageEngine vulnerability, this one in the Support Center Plus application. -
Raxis Supports Pensacola ROV TeamRaxis is proud to sponsor the Pensacola Catholic High School “Crubotics” robotics team. Its members will compete in June 2022’s World Championships in Long Beach, California. The event is part the MATE ROV competioton -
CVE-2022-25245: ManageEngine Asset Explorer Information LeakageRaxis lead penetration tester Matt Dunn discovers an information leakage vulnerability in ManageEngine’s Asset Explorer CVE-2022-25245 -
CVE-2022-24681: ManageEngine AD SelfService Plus Stored Cross-Site Scripting (XSS)Raxis lead penetration tester Matt Dunn continues his prolific discovery of new cross-site scripting CVEs. This one affects ManageEngine AD SelfService Plus Stored Cross-Site Scripting (XSS). -
Why We Take Simultaneous Sessions Seriously on Penetration TestsRaxis Lead Penetration Tester Matt Dunn explains why you simultaneous sessions is a significant finding on a penetration test. -
Meet the Team: Jim McClellan, Marketing DirectorRaxis’ new marketing director, Jim McClellan, talks about the unusual career path that led from consultant to full-time team member. -
What is Web App Pentesting? (Part Two)Lead penetration tester Matt Dunn continues his discussion about web application testing. In Part Two, Matt explains testing as an authenticated user vs. as an unauthenticated user. -
What is Web Application Penetration Testing?Learn how Raxis approaches web application testing and how it differs from network penetration testing. Lead penetration tester Matt Dunn explains in this post. -
Reporting Tools for Large Penetration TestsRaxis lead penetration tester Matt Dunn has developed three new tools to make it easier to compile and present findings from large penetration tests. -
Meet the Team: Mark Fabian, Senior Penetration TesterMark Fabian worked his way up through the IT career field before arriving at his dream job as an ethical hacker.