Lucene search
+L

4 matches found

Hacker One
Hacker One
added 2022/03/29 6:49 a.m.134 views

Palantir Public: SQL Injection at https://files.palantir.com/ due to CVE-2021-38159

A vulnerability was discovered in an Internet-facing asset files.palantir.com. A proof of concept POC was developed and used to validate the finding. The vulnerability was patched and resolved. Blog about this vulnerability published. You can read full detail here:...

7.5CVSS0.01891EPSS
Exploits0
Circl
Circl
added 2021/08/07 8:34 p.m.8 views

CVE-2021-38159

creationtimestamp| type| source ---|---|--- 2021-08-07 20:34:33+00:00| seen| https://t.me/cibsecurity/26967 2022-04-05 13:51:54+00:00| published-proof-of-concept| https://t.me/ctinow/49716...

9.8CVSS8.7AI score0.01891EPSS
Exploits0References2
NVD
NVD
added 2021/08/07 5:15 p.m.26 views

CVE-2021-38159

In certain Progress MOVEit Transfer versions before 2021.0.4 aka 13.0.4, SQL injection in the MOVEit Transfer web application could allow an unauthenticated remote attacker to gain access to the database. Depending on the database engine being used MySQL, Microsoft SQL Server, or Azure SQL, an...

9.8CVSS0.01891EPSS
Exploits0References2
CVE
CVE
added 2021/08/07 4:5 p.m.79 views

CVE-2021-38159

CVE-2021-38159 affects Progress MOVEit Transfer web applications; versions before 2021.0.4 (13.0.4) are vulnerable to unauthenticated SQL injection. An attacker could access the backend database, potentially inferring schema/data or executing statements that alter or delete elements, with impact ...

9.8CVSS9.8AI score0.01891EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder