CVE-2022-25373: ManageEngine Support Center Plus Stored Cross-Site Scripting (XSS)
Matt Dunn discovers another ManageEngine Cross-Site Scripting vulnerability, this one in the Support Center Plus application.
Discover the Art of Penetration Testing
The Exploit is Raxis’ cybersecurity blog where penetration testers and red team experts share real-world insights, attack techniques, and strategies to strengthen defenses against evolving threats. We feature expert advice, detailed breakdowns of exploits, and practical guidance to help organizations understand and respond to today’s most pressing security challenges.
Raxis Earns Five-Star Rating
Five stars from Clutch? We got ‘em! Read the details about why our penetration testing and cybersecurity customers say we rock.
Raxis Supports Pensacola ROV Team
Raxis is proud to sponsor the Pensacola Catholic High School “Crubotics” robotics team. Its members will compete in June 2022’s World Championships in Long Beach, California. The event is part the MATE ROV competioton
CVE-2022-25245: ManageEngine Asset Explorer Information Leakage
Raxis lead penetration tester Matt Dunn discovers an information leakage vulnerability in ManageEngine’s Asset Explorer CVE-2022-25245
Exploiting Dirty Pipe (CVE-2022-0847)
The Dirty Pipe vulnerability (CVE-2022-0847) allows any user to write to read-only files, including files that are owned by root, allowing privilege escalation.
CVE-2022-24681: ManageEngine AD SelfService Plus Stored Cross-Site Scripting (XSS)
Raxis’ Matt Dunn continues his prolific discovery of new CSS CVEs. This one affects ManageEngine AD SelfService Plus Stored Cross-Site Scripting.
Why We Take Simultaneous Sessions Seriously on Penetration Tests
Raxis Lead Penetration Tester Matt Dunn explains why you simultaneous sessions is a significant finding on a penetration test.
Hackers See Opportunity Where You See Only a Button
In this post, Raxis VP Brad Herring explains how web proxy tools can turn even simple buttons and check-boxes into avenues for an attack.
Jim McClellan, Marketing Director
Raxis’ new marketing director, Jim McClellan, talks about the unusual career path that led from consultant to full-time team member.
How to Hire a Penetration Testing Firm – Part 2
Is your organization is in the market for a penetration test? Raxis’ COO Bonnie Smyre continues her two-part series on how to hire a penetration testing firm.
Blog Categories
- AI
- Careers
- Choosing a Penetration Testing Company
- Exploits
- How To
- In The News
- Injection Attacks
- Just For Fun
- Meet Our Team
- Mobile Apps
- Networks
- Password Cracking
- Patching
- Penetration Testing
- Phishing
- PTaaS
- Raxis In The Community
- Red Team
- Security Recommendations
- Social Engineering
- Tips For Everyone
- Web Apps
- What People Are Saying
- Wireless