201 matches found
CVE-2022-38130
CVE-2022-38130 affects Keysight SMS (com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip). An unauthenticated, remote attacker can supply an UNC path to a zipped HSQLDB database, causing the database content to be restored and potentially enabling remote code execution as described...
SQLMap v1.4.9 - Automatic SQL Injection And Database Takeover Tool
SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...
Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager
F5 BIG-IP RCE CVE-2020-5902 Vulnerability Detection Tool ==...
BIG-IP 15.0.0 < 15.1.0.3 - Traffic Management User Interface (TMUI) Remote Code Execution Exploit
Exploit for linux platform in category web applications BIG-IP 15.0.0 " echo exit 1 fi server=$1?hostname argument required localip=$2?Locaip argument required port=$3?Port argument required if ! -f $server.der then echo "$server.der does not exist - extracting cert" openssl sclient \ -showcerts ...
The vulnerability of the relational SQL database HSQLDB, related to the exposure of static Java methods, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the relational SQL database HSQLDB is related to the exposure of static Java methods. Exploiting this vulnerability can allow an attacker operating remotely to gain access to confidential data, compromise its integrity, and even cause service failures...
hsqldb.10974.n7.nabble.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1184682 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website...
SQLMap v1.3.10 - Automatic SQL Injection And Database Takeover Tool
SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...
Automatic SQL injection and database takeover tool: sqlmap
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...
SQLMap v1.2.9 - Automatic SQL Injection And Database Takeover Tool
SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...
Remote Code Execution (RCE)
HSQLDB is vulnerable to remote code execution. The static methods of all available Java classes can be accessed as functions using crafted database documents when the system property hsqldb.methodclassnames is not set. A remote attacker is able to exploit the vulnerability to execute arbitrary Ja...
SQLMap v1.1.8 - Automatic SQL Injection And Database Takeover Tool
SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...
JBoss 3.0.8/3.2.1 HSQLDB Remote Command Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8773/info A remote command-injection vulnerability has been reported in JBoss. The issue is reportedly exposed via the HSQLDB component, which is a SQL database server that manages JMS connections. Because of a number of...
RHEL 5 : JBoss EAP (RHSA-2008:0213)
New JBoss Enterprise Application Platform JBEAP packages, comprising the 4.2.0.CP02 release, are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. JBEAP is a middleware platform for Java 2 Platform,...
RHEL 5 : openoffice.org, hsqldb (RHSA-2007:1048)
Updated openoffice.org and hsqldb packages that fix security flaws are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite. HSQLDB is a Java relational...
Scientific Linux Security Update : openoffice.org, hsqldb on SL5.x i386/x86_64
It was discovered that HSQLDB could allow the execution of arbitrary public static Java methods. A carefully crafted odb file opened in OpenOffice.org Base could execute arbitrary commands with the permissions of the user running OpenOffice.org. CVE-2007-4575 It was discovered that HSQLDB did not...
Scientific Linux Security Update : openoffice.org2 on SL4.5 i386/x86_64
It was discovered that HSQLDB could allow the execution of arbitrary public static Java methods. A carefully crafted odb file opened in OpenOffice.org Base could execute arbitrary commands with the permissions of the user running OpenOffice.org. CVE-2007-4575 %NASLMINLEVEL 70300 C Tenable Network...
CentOS 5 : openoffice.org / hsqldb (CESA-2007:1048)
Updated openoffice.org and hsqldb packages that fix security flaws are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite. HSQLDB is a Java relational...
Mandriva Linux Security Advisory : openoffice.org (MDVSA-2008:095)
A vulnerability in HSQLDB before 1.8.0.9 in OpenOffice.org could allow user-assisted remote attackers to execute arbitrary Java code via crafted database documents CVE-2007-4575. A heap overflow was discovered in OpenOffice.org's EMF parser. An attacker could create a carefully crafted EMF file...
Mandriva Update for openoffice.org MDVSA-2008:095 (openoffice.org)
Check for the Version of openoffice.org OpenVAS Vulnerability Test Mandriva Update for openoffice.org MDVSA-2008:095 openoffice.org Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
Mandriva Update for openoffice.org MDVSA-2008:095 (openoffice.org)
Check for the Version of openoffice.org OpenVAS Vulnerability Test Mandriva Update for openoffice.org MDVSA-2008:095 openoffice.org Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...