Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
[The ManageOwnage series, part VIII]: Remote code execution and blind SQLi in OpManager, Social IT and IT360
Nov 09 2014 07:40PM
Pedro Ribeiro (pedrib gmail com)
This is the 8th part of the ManageOwnage series. For previous parts see .
This time we have a file upload leading to remote code execution and a
blind SQL injection in ManageEngine OpManager, Social IT Plus and
ManageEngine have released an emergency fix, see details in the
[ more ]
Copyright 2010, SecurityFocus