192 matches found
CVE-2020-1963
Apache Ignite uses H2 database to build SQL distributed execution engine. H2 provides SQL functions which could be used by attacker to access to a filesystem...
Design/Logic Flaw
Apache Ignite uses H2 database to build SQL distributed execution engine. H2 provides SQL functions which could be used by attacker to access to a filesystem...
CVE-2020-1963
Apache Ignite (which uses H2 for its distributed SQL execution) has a vulnerability where H2 SQL functions could be abused to access the filesystem. The connected advisories corroborate that this vulnerability involves file-system access via H2 within Ignite. No exploit specifics, affected versio...
CVE-2020-1963
Apache Ignite uses H2 database to build SQL distributed execution engine. H2 provides SQL functions which could be used by attacker to access to a filesystem...
Sahi Pro 8.x SQL Injection
Exploit Title: Sahi pro :/s/dyn/pro/DBReports?sql=SELECT DISTINCT memoryused AS ROWSTATUS, SCRIPTREPORTS.SCRIPTREPORTID,SCRIPTREPORTS.SCRIPTNAME,SUITEREPORTS. FROM SUITEREPORTS,SCRIPTREPORTS...
Sahi pro 8.x - SQL Injection
Sahi pro 8.x - SQL Injection Exploit Title: Sahi pro :/s/dyn/pro/DBReports?sql=SELECT DISTINCT memoryused AS ROWSTATUS, SCRIPTREPORTS.SCRIPTREPORTID,SCRIPTREPORTS.SCRIPTNAME,SUITEREPORTS. FROM SUITEREPORTS,SCRIPTREPORTS...
H2 Database Default Credentials Authentication Bypass
An authentication bypass vulnerability exists in H2 Database. The vulnerability is due to the usage of default credentials. A remote attacker may exploit this vulnerability to gain complete access to the affected system...
H2 Database 1.4.196 - Remote Code Execution
H2 Database 1.4.196 - Remote Code Execution Exploit Title: H2 Database 1.4.196 - Remote Code Execution Google Dork: N/A Date: 2018-09-24 Exploit Author: h4ckNinja Vendor Homepage: https://www.h2database.com/ Software Link: http://www.h2database.com/h2-2018-03-18.zip Version: 1.4.196 and 1.4.197...
H2 Database 1.4.196 - Remote Code Execution
Exploit Title: H2 Database 1.4.196 - Remote Code Execution Google Dork: N/A Date: 2018-09-24 Exploit Author: h4ckNinja Vendor Homepage: https://www.h2database.com/ Software Link: http://www.h2database.com/h2-2018-03-18.zip Version: 1.4.196 and 1.4.197 Tested on: macOS/Linux CVE: N/A This takes...
H2 Database 1.4.196 - Remote Code Execution Exploit
Exploit for java platform in category web applications Exploit Title: H2 Database 1.4.196 - Remote Code Execution Exploit Author: h4ckNinja Vendor Homepage: https://www.h2database.com/ Software Link: http://www.h2database.com/h2-2018-03-18.zip Version: 1.4.196 and 1.4.197 Tested on: macOS/Linux...
H2 Database 1.4.196 Remote Code Execution
Exploit Title: H2 Database 1.4.196 - Remote Code Execution Google Dork: N/A Date: 2018-09-24 Exploit Author: h4ckNinja Vendor Homepage: https://www.h2database.com/ Software Link: http://www.h2database.com/h2-2018-03-18.zip Version: 1.4.196 and 1.4.197 Tested on: macOS/Linux CVE: N/A This takes...
CVE-2018-14335
An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files outside of their permissions via a symlink to a fake database file...
H2 Database 1.4.197 - Information Disclosure
Exploit Title: H2 Database 1.4.197 - Information Disclosure Date: 2018-07-16 Exploit Author: owodelta Vendor Homepage: www.h2database.com Software Link: http://www.h2database.com/html/download.html Version: all versions Tested on: Linux CVE : CVE-2018-14335 Description: Insecure handling of...
H2 Database 1.4.197 - Information Disclosure
H2 Database 1.4.197 - Information Disclosure Exploit Title: H2 Database 1.4.197 - Information Disclosure Date: 2018-07-16 Exploit Author: owodelta Vendor Homepage: www.h2database.com Software Link: http://www.h2database.com/html/download.html Version: all versions Tested on: Linux CVE :...
H2 Database 1.4.197 - Information Disclosure Exploit
Exploit for linux platform in category web applications Exploit Title: H2 Database 1.4.197 - Information Disclosure Exploit Author: owodelta Vendor Homepage: www.h2database.com Software Link: http://www.h2database.com/html/download.html Version: all versions Tested on: Linux CVE : CVE-2018-14335...
H2 Database 1.4.197 Information Disclosure
Exploit Title: H2 Database 1.4.197 - Information Disclosure Date: 2018-07-16 Exploit Author: owodelta Vendor Homepage: www.h2database.com Software Link: http://www.h2database.com/html/download.html Version: all versions Tested on: Linux CVE : CVE-2018-14335 Description: Insecure handling of...
H2 Information Disclosure Vulnerability
H2 is a set of open source database management software . An information disclosure vulnerability exists in H2 version 1.4.197 that stems from the program not having secure processing privileges. The vulnerability can be exploited by an attacker to read sensitive files files outside the attacker'...
CVE-2018-14335
An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files outside of their permissions via a symlink to a fake database file...
CVE-2018-14335
An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files outside of their permissions via a symlink to a fake database file...
CVE-2018-14335
An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files outside of their permissions via a symlink to a fake database file...