Land rapid7#3708, @pedrib fix for manage_engine_dc_pmp_sqli

jvazquez-r7 · jvazquez-r7 · commit 58091b9e2b99 · 2014-08-28T10:47:03.000-05:00
diff --git a/modules/exploits/multi/http/manage_engine_dc_pmp_sqli.rb b/modules/exploits/multi/http/manage_engine_dc_pmp_sqli.rb
@@ -15,7 +15,7 @@ class Metasploit3 < Msf::Exploit::Remote
 
   def initialize(info={})
     super(update_info(info,
-      'Name'           => "ManageEngine Password Manager MetadataServlet.dat SQL Injection",
+      'Name'           => "ManageEngine Desktop Central / Password Manager LinkViewFetchServlet.dat SQL Injection",
       'Description'    => %q{
         This module exploits an unauthenticated blind SQL injection in LinkViewFetchServlet,
         which is exposed in ManageEngine Desktop Central v7 build 70200 to v9 build 90033 and
@@ -216,7 +216,7 @@ def db_paths
     paths = desktop_central_db_paths
 
     if paths.empty?
-      paths = check_password_manager_pro
+      paths = password_manager_paths
     end
 
     paths
