{"uuid": "f16a2df5-8c67-4810-8c79-49c1fb646cbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28219", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2290", "content": "ManageEngine ADAudit Plus Path Traversal / XML Injection\n\nThis Metasploit module exploits CVE-2022-28219, which is a pair of vulnerabilities in ManageEngine ADAudit Plus versions before build 7060. They include a path traversal in the /cewolf endpoint along with a blind XML external entity injection vulnerability to upload and execute a file.", "creation_timestamp": "2022-08-17T09:00:04.000000Z"}