# 0DAY - [ADManager Plus Build < 7230 Elevation Of Privilege Vulnerability (CVE-2025-9435)](https://docs.unsafe-inline.com/0day/admanager-plus-build-less-than-7230-elevation-of-privilege-vulnerability-cve-2025-9435.md) - [ADManager Plus Build < 7210 Elevation of Privilege Vulnerability (CVE-2024-24409)](https://docs.unsafe-inline.com/0day/admanager-plus-build-less-than-7210-elevation-of-privilege-vulnerability-cve-2024-24409.md) - [Asp.Net Zero v12.3.0 - HTML Injection Leads To Open Redirect via Websockets (CVE-2023-48003)](https://docs.unsafe-inline.com/0day/asp.net-zero-v12.3.0-html-injection-leads-to-open-redirect-via-websockets-cve-2023-48003.md) - [ManageEngine ADManager Plus Build < 7183 - Recovery Password Disclosure (CVE-2023-31492)](https://docs.unsafe-inline.com/0day/manageengine-admanager-plus-build-less-than-7183-recovery-password-disclosure-cve-2023-31492.md) - [Multiple ManageEngine Applications Critical Information Disclosure Vulnerability](https://docs.unsafe-inline.com/0day/multiple-manageengine-applications-critical-information-disclosure-vulnerability.md): The NTLMv2 hash of the domain user or the computer accounts, can be obtained coercing the target server authenticates an arbitrary SMB server. (CVE-2022-29457) - [Thecus N4800Eco Nas Server Control Panel Comand Injection](https://docs.unsafe-inline.com/0day/thecus-n4800eco-nas-server-control-panel-comand-injection.md): Command Injection vulnerability that lets attacker for executing command with root privileges. - [ManageEngine ADSelfService Plus 6.1 CSV Injection (CVE-2021-33256)](https://docs.unsafe-inline.com/0day/manageengine-adselfservice-plus-6.1-csv-injection.md): Obtain reverse shell in the domain environment exploiting CSV injection vulnerability - [Openlitespeed Web Server 1.7.8 - Privilege Escalation (CVE-2021-26758)](https://docs.unsafe-inline.com/0day/openlitespeed-web-server-1.7.8-command-injection-to-privilege-escalation-cve-2021-26758.md): Openlitespeed Web Server 1.7.8 - Command Injection to Privilege Escalation (CVE-2021-26758) - [KLOG Server (Authenticated) Command Injection (CVE-2021-3317)](https://docs.unsafe-inline.com/0day/klog-server-authenticated-command-injection.md): Klog Server 2.4.1 - Command Injection (Authenticated) - [Cokpit version 234 - Server Side Request Forgery (CVE-2020-35850)](https://docs.unsafe-inline.com/0day/cokpit-version-234-server-side-request-forgery-cve-2020-35850.md): Cockpit Version 234 - sshd Service Scanning via Server-Side Request Forgery (Unauthenticated) - [KLOG Server Unauthenticated Command Injection (CVE-2020-35729)](https://docs.unsafe-inline.com/0day/klog-server-unauthentication-command-injection.md) - [Pearson Vue - VUEApplicationWrapper Unquoted Service Path (CVE-2020-36154)](https://docs.unsafe-inline.com/0day/pearson-vue-vueapplicationwrapper-unquoted-service-path.md): Pearson Vue VTS 2.3.1911 Installer - VUEApplicationWrapper Unquoted Service Path - [Intel(r) Management and Security Application 5.2 - UNS Unquoted Service Path](https://docs.unsafe-inline.com/0day/intel-uns-unquoted-service-path.md): Intel(r) Management and Security Application 5.2 - User Notification Service Unquoted Service Path Privilege Escalation - [BRAdmin Professional 3.75 - Unquoted Service Path](https://docs.unsafe-inline.com/0day/bradmin-professional-3.75-unquoted-service-path.md): BRAdmin Professional 3.75 - BRA\_Scheduler Unquoted Service Path Privilege Escalation --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.unsafe-inline.com/0day.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.