Add remediation information to CVE-2021-40539 and CVE-2021-44427 (#3237)
* Added remediation to CVE-2021-40539
* Added remediation to CVE-2021-44427

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>

patch-1
parent
40d7678327
commit
854b464b1d
|
@ -4,7 +4,8 @@ info:
|
|||
name: ManageEngine ADSelfService Plus version 6113 Unauthenticated RCE
|
||||
author: daffainfo,pdteam
|
||||
severity: critical
|
||||
description: ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.
|
||||
description: ManageEngine ADSelfService Plus version 6113 and prior are vulnerable to a REST API authentication bypass which leads to remote code execution.
|
||||
remediation: Upgrade to ADSelfService Plus build 6114.
|
||||
reference:
|
||||
- https://attackerkb.com/topics/DMSNq5zgcW/cve-2021-40539/rapid7-analysis
|
||||
- https://www.synacktiv.com/publications/how-to-exploit-cve-2021-40539-on-manageengine-adselfservice-plus.html
|
||||
|
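Review bot: The added remediation line says "build 6114" while the name and description in the same info block say "version 6113", and it omits the "or later" qualifier that the Rosario template's remediation carries ("8.1.1 or higher"). Pick one term for name, description and remediation, and write the fix as a floor rather than a single release, for example "remediation: Upgrade to ADSelfService Plus build 6114 or later." The two references shown are third-party analyses, so a link to the vendor's own advisory next to them would give readers of the remediation line somewhere authoritative to confirm the fixed build.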
@ -110,4 +111,4 @@ requests:
|
|||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
- 200
|
||||
|
|
|
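Review bot: The only changed line under status is "- 200" replaced by an identical-looking "- 200", which suggests a whitespace or end-of-file newline change that the commit message does not mention. Please confirm it is intentional, and either note it in the message or split it out, so the commit stays limited to the remediation text it describes.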
@ -4,7 +4,8 @@ info:
|
|||
name: Rosario Student Information System Unauthenticated SQL Injection
|
||||
author: furkansayim,xShuden
|
||||
severity: critical
|
||||
description: An unauthenticated SQL Injection vulnerability in Rosario Student Information System (aka rosariosis) before 8.1.1 allows remote attackers to execute PostgreSQL statements (e.g., SELECT, INSERT, UPDATE, and DELETE) through /Side.php via the syear parameter.
|
||||
description: An unauthenticated SQL Injection vulnerability in Rosario Student Information System (aka rosariosis) 8.1 and below allow remote attackers to execute PostgreSQL statements (e.g., SELECT, INSERT, UPDATE, and DELETE) through /Side.php via the syear parameter.
|
||||
remediation: Upgrade to version 8.1.1 or higher.
|
||||
reference:
|
||||
- https://gitlab.com/francoisjacquet/rosariosis/-/issues/328
|
||||
- https://twitter.com/RemotelyAlerts/status/1465697928178122775
|
||||
|
|
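Review bot: The reworded description breaks subject-verb agreement ("An unauthenticated SQL Injection vulnerability ... 8.1 and below allow remote attackers") and replaces the precise bound "before 8.1.1" with the looser "8.1 and below", which reads less clearly against the new remediation line "Upgrade to version 8.1.1 or higher." Suggest keeping the original bound and verb ("before 8.1.1 allows remote attackers") so the affected range and the fixed version name the same release.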