infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Land #3708, @pedrib fix for manage_engine_dc_pmp_sqli

bug/bundler_fix 2014082701
jvazquez-r7 2014-08-28 10:47:03 -05:00
parent d8c15766bd a8d03aeb59
commit 58091b9e2b
No known key found for this signature in database
GPG Key ID: 38D99152B9352D83
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
modules/exploits/multi/http/manage_engine_dc_pmp_sqli.rb
View File

@ -15,7 +15,7 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info={})
super(update_info(info,
'Name' => "ManageEngine Password Manager MetadataServlet.dat SQL Injection",
'Name' => "ManageEngine Desktop Central / Password Manager LinkViewFetchServlet.dat SQL Injection",
'Description' => %q{
This module exploits an unauthenticated blind SQL injection in LinkViewFetchServlet,
which is exposed in ManageEngine Desktop Central v7 build 70200 to v9 build 90033 and
@ -216,7 +216,7 @@ class Metasploit3 < Msf::Exploit::Remote
paths = desktop_central_db_paths
if paths.empty?
paths = check_password_manager_pro
paths = password_manager_paths
end
paths