Lucene search
+L

192 matches found

OSV
OSV
added 2020/06/03 1:15 p.m.20 views

CVE-2020-1963

Apache Ignite uses H2 database to build SQL distributed execution engine. H2 provides SQL functions which could be used by attacker to access to a filesystem...

9.1CVSS7.7AI score
Exploits0References10
Prion
Prion
added 2020/06/03 1:15 p.m.18 views

Design/Logic Flaw

Apache Ignite uses H2 database to build SQL distributed execution engine. H2 provides SQL functions which could be used by attacker to access to a filesystem...

6.4CVSS9.3AI score0.04983EPSS
Exploits0References10Affected Software1
CVE
CVE
added 2020/06/03 12:53 p.m.100 views

CVE-2020-1963

Apache Ignite (which uses H2 for its distributed SQL execution) has a vulnerability where H2 SQL functions could be abused to access the filesystem. The connected advisories corroborate that this vulnerability involves file-system access via H2 within Ignite. No exploit specifics, affected versio...

9.1CVSS9.2AI score0.04983EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2020/06/03 12:53 p.m.25 views

CVE-2020-1963

Apache Ignite uses H2 database to build SQL distributed execution engine. H2 provides SQL functions which could be used by attacker to access to a filesystem...

9.4AI score0.04983EPSS
Exploits0References10
Packet Storm
Packet Storm
added 2019/06/18 12:0 a.m.186 views

Sahi Pro 8.x SQL Injection

Exploit Title: Sahi pro :/s/dyn/pro/DBReports?sql=SELECT DISTINCT memoryused AS ROWSTATUS, SCRIPTREPORTS.SCRIPTREPORTID,SCRIPTREPORTS.SCRIPTNAME,SUITEREPORTS. FROM SUITEREPORTS,SCRIPTREPORTS...

0.7AI score0.18539EPSS
Exploits5
exploitpack
exploitpack
added 2019/06/18 12:0 a.m.33 views

Sahi pro 8.x - SQL Injection

Sahi pro 8.x - SQL Injection Exploit Title: Sahi pro :/s/dyn/pro/DBReports?sql=SELECT DISTINCT memoryused AS ROWSTATUS, SCRIPTREPORTS.SCRIPTREPORTID,SCRIPTREPORTS.SCRIPTNAME,SUITEREPORTS. FROM SUITEREPORTS,SCRIPTREPORTS...

7.5CVSS0.7AI score0.18539EPSS
Exploits5
Check Point Advisories
Check Point Advisories
added 2018/10/02 12:0 a.m.1 views

H2 Database Default Credentials Authentication Bypass

An authentication bypass vulnerability exists in H2 Database. The vulnerability is due to the usage of default credentials. A remote attacker may exploit this vulnerability to gain complete access to the affected system...

4.2AI score
Exploits0
exploitpack
exploitpack
added 2018/10/01 12:0 a.m.64 views

H2 Database 1.4.196 - Remote Code Execution

H2 Database 1.4.196 - Remote Code Execution Exploit Title: H2 Database 1.4.196 - Remote Code Execution Google Dork: N/A Date: 2018-09-24 Exploit Author: h4ckNinja Vendor Homepage: https://www.h2database.com/ Software Link: http://www.h2database.com/h2-2018-03-18.zip Version: 1.4.196 and 1.4.197...

8.1AI score
Exploits0
Exploit DB
Exploit DB
added 2018/10/01 12:0 a.m.67 views

H2 Database 1.4.196 - Remote Code Execution

Exploit Title: H2 Database 1.4.196 - Remote Code Execution Google Dork: N/A Date: 2018-09-24 Exploit Author: h4ckNinja Vendor Homepage: https://www.h2database.com/ Software Link: http://www.h2database.com/h2-2018-03-18.zip Version: 1.4.196 and 1.4.197 Tested on: macOS/Linux CVE: N/A This takes...

7.4AI score
Exploits0
0day.today
0day.today
added 2018/10/01 12:0 a.m.42 views

H2 Database 1.4.196 - Remote Code Execution Exploit

Exploit for java platform in category web applications Exploit Title: H2 Database 1.4.196 - Remote Code Execution Exploit Author: h4ckNinja Vendor Homepage: https://www.h2database.com/ Software Link: http://www.h2database.com/h2-2018-03-18.zip Version: 1.4.196 and 1.4.197 Tested on: macOS/Linux...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/10/01 12:0 a.m.39 views

H2 Database 1.4.196 Remote Code Execution

Exploit Title: H2 Database 1.4.196 - Remote Code Execution Google Dork: N/A Date: 2018-09-24 Exploit Author: h4ckNinja Vendor Homepage: https://www.h2database.com/ Software Link: http://www.h2database.com/h2-2018-03-18.zip Version: 1.4.196 and 1.4.197 Tested on: macOS/Linux CVE: N/A This takes...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2018/08/01 2:49 p.m.25 views

CVE-2018-14335

An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files outside of their permissions via a symlink to a fake database file...

6.5CVSS4.3AI score0.13389EPSS
Exploits5References2
Exploit DB
Exploit DB
added 2018/07/30 12:0 a.m.68 views

H2 Database 1.4.197 - Information Disclosure

Exploit Title: H2 Database 1.4.197 - Information Disclosure Date: 2018-07-16 Exploit Author: owodelta Vendor Homepage: www.h2database.com Software Link: http://www.h2database.com/html/download.html Version: all versions Tested on: Linux CVE : CVE-2018-14335 Description: Insecure handling of...

6.5CVSS7AI score0.13389EPSS
Exploits5
exploitpack
exploitpack
added 2018/07/30 12:0 a.m.77 views

H2 Database 1.4.197 - Information Disclosure

H2 Database 1.4.197 - Information Disclosure Exploit Title: H2 Database 1.4.197 - Information Disclosure Date: 2018-07-16 Exploit Author: owodelta Vendor Homepage: www.h2database.com Software Link: http://www.h2database.com/html/download.html Version: all versions Tested on: Linux CVE :...

4CVSS6.6AI score0.13389EPSS
Exploits5
0day.today
0day.today
added 2018/07/30 12:0 a.m.45 views

H2 Database 1.4.197 - Information Disclosure Exploit

Exploit for linux platform in category web applications Exploit Title: H2 Database 1.4.197 - Information Disclosure Exploit Author: owodelta Vendor Homepage: www.h2database.com Software Link: http://www.h2database.com/html/download.html Version: all versions Tested on: Linux CVE : CVE-2018-14335...

6.8AI score0.13389EPSS
Exploits5
Packet Storm
Packet Storm
added 2018/07/30 12:0 a.m.50 views

H2 Database 1.4.197 Information Disclosure

Exploit Title: H2 Database 1.4.197 - Information Disclosure Date: 2018-07-16 Exploit Author: owodelta Vendor Homepage: www.h2database.com Software Link: http://www.h2database.com/html/download.html Version: all versions Tested on: Linux CVE : CVE-2018-14335 Description: Insecure handling of...

6.8AI score0.13389EPSS
Exploits5
CNVD
CNVD
added 2018/07/26 12:0 a.m.6 views

H2 Information Disclosure Vulnerability

H2 is a set of open source database management software . An information disclosure vulnerability exists in H2 version 1.4.197 that stems from the program not having secure processing privileges. The vulnerability can be exploited by an attacker to read sensitive files files outside the attacker'...

6.5CVSS6.1AI score0.13389EPSS
Exploits5References1
NVD
NVD
added 2018/07/24 1:29 p.m.34 views

CVE-2018-14335

An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files outside of their permissions via a symlink to a fake database file...

6.5CVSS6.2AI score0.13389EPSS
Exploits5References5
OSV
OSV
added 2018/07/24 1:29 p.m.21 views

CVE-2018-14335

An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files outside of their permissions via a symlink to a fake database file...

6.5CVSS6.3AI score
Exploits0References5
Cvelist
Cvelist
added 2018/07/24 1:0 p.m.31 views

CVE-2018-14335

An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files outside of their permissions via a symlink to a fake database file...

6.2AI score0.13389EPSS
Exploits5References5
Rows per page
Query Builder