CVE-2022-26653 & CVE-2022-26777: ManageEngine Remote Access Plus Guest User Insecure Direct Object References
Raxis lead penetration tester Matt Dunn uncovers two more ManageEngine vulnerabilities (CVE-2022-26653 & CVE-2022-26777).
CVE-2022-25373: ManageEngine Support Center Plus Stored Cross-Site Scripting (XSS)
Matt Dunn discovers another ManageEngine vulnerability, this one in the Support Center Plus application.
CVE-2022-25245: ManageEngine Asset Explorer Information Leakage
Raxis lead penetration tester Matt Dunn discovers an information leakage vulnerability in ManageEngine’s Asset Explorer
CVE-2022-24681: ManageEngine AD SelfService Plus Stored Cross-Site Scripting (XSS)
Raxis lead penetration tester Matt Dunn continues his prolific discovery of new cross-site scripting CVEs.[…]
ManageEngine Key Manager Plus Cross-Site Scripting Vulnerability (CVE-2021-28382)
Raxis’ Lead Penetration Tester Matt Dunn discovers another cross-site scripting vulnerability in Zoho’s MangeEngine Key[…]
Cross-Site Scripting Vulnerability in ManageEngine AD Self Service Plus (CVE-2021-27956)
Raxis lead penetration tester Matt Dunn has uncovered a new cross-site scripting vulnerability in Manage[…]
2870 Peachtree Road
Suite #915-8924
Atlanta, GA 30305 USA
+1 678.421.4544
© 2024 Raxis, LLC – All rights reserved