ManageEngine Eventlog Analyzer Privilege Escalation v10.8

2016-02-09 Thread graphx
# ManageEngine EventLog Analyzer v10.8 # Date: 2/9/2016 # Exploit Author: @GraphX # Vendor Homepage: http://www.manageengine.com # Version: 10.8 1 Description: It is possible for a remote authenticated attacker using an unprivileged account to gain access to the admin account via parameter

ASUS RT-N56U Persistent XSS

2016-02-03 Thread graphx
# Exploit Title: ASUS RT-N56U Persistent XSS # Date: 2/2/2016 # Exploit Author: @GraphX # Vendor Homepage: http://asus.com/ # Version: 3.0.0.4.374_239 1 Description: It is possible for an authenticated attacker to bypass input sanitation in the

ManageEngine Eventlog Analyzer v4-v10 Privilege Escalation

2016-01-29 Thread graphx
# Exploit Title: ManageEngine Eventlog Analyzer Privilege Escalation # Exploit Author: @GraphX # Vendor Homepage: http://www.manageengine.com # Version: 4.0 - 10 1. Description: The manageengine eventlog analyzer fails to properly verify user privileges when making changes via the

ZyXel WAP3205 v1 Multiple XSS

2016-01-25 Thread graphx
#Vendor: ZyXel WAP3205 - version 1 (Product is EOL and no patch forthcoming) #Firmware version: V1.00(BFR.6) - V1.00(BFR.8)C0 #Exploit Author: Nicholas Lehman @GraphX #Vulnerability: Multiple persistent and reflected XSS vulnerabilities