Posted by Pedro Ribeiro on Nov 09
Hi,
This is part 7 of the ManageOwnage series. For previous parts, see [1].
Today we have a blind SQL injection in Password Manager Pro (PMP) that
can be abused to escalate privileges for a low-privileged user (like a
guest) to the “super administrator”. Using our new powers we can then
dump the whole password database in cleartext.
Unlike in part 6, this time ManageEngine have been responsible and
released an update. It actually…