
9816 matches found

seebug.org
added 2008/07/17 12:0 a.m., 19 views

Oracle Database PL/SQL Statement Multiple SQL Injection Exploits

No description provided by source. / Advanced SQL Injection in Oracle databases Becoming the SYS user with SQL Injection. This script creates functions that can be injected to replace the password of the SYS user and to restore it to the original value. By Esteban Martinez Fayo [email protected] /...

7.1 AI score
Exploits: 0

securityvulns
added 2008/04/15 12:0 a.m., 87 views

[NEWS] Websphere MQ MCAUSER Setting Bypass Vulnerability

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

6.6 CVSS, 0.1 AI score, 0.00338 EPSS
Exploits: 0

Exploit DB
added 2007/07/22 12:0 a.m., 50 views

Joomla! 1.5 Beta 2 - 'Search' Remote Code Execution

SEC Consult Security Advisory ======================================================================= title: Remote command execution in Joomla! CMS program: Joomla! vulnerable version: 1.5 beta 2 Earlier 1.5 versions may be vulnerable too! impact: critical homepage: http://www.joomla.org found:...

7.4 AI score
Exploits: 0

seebug.org
added 2007/07/22 12:0 a.m., 39 views

Joomla! CMS 1.5 beta 2 (search) Remote Code Execution Vulnerability

No description provided by source. SEC Consult Security Advisory 20070722-0 ======================================================================= title: Remote command execution in Joomla! CMS program: Joomla! vulnerable version: 1.5 beta 2 Earlier 1.5 versions may be vulnerable too! impact:...

7.1 AI score
Exploits: 0

Japan Vulnerability Notes
added 2007/05/16 12:0 a.m., 15 views

JVN#81294906 Homepage Builder sample CGI programs vulnerable to OS command injection

Among sample CGI programs included in Homepage Builder, anketo.cgi, kansou.cgi, and order.cgi contain an OS command injection vulnerability as they do not properly validate input data. Impact An arbitrary command could be executed on the web server with the privilege of the web server process...

7.7 AI score
Exploits: 0

CVE
added 2007/01/30 4:0 p.m., 33 views

CVE-2007-0565

Shopping Basket Professional by CGI RESCUE (v7.50 and earlier) is affected by an OS command injection vulnerability. The issue arises from improper handling/validation of input data, allowing a remote attacker to inject and execute arbitrary OS commands. This is based on the JVN entry describing ...

7.5 CVSS, 7 AI score, 0.01359 EPSS
Exploits: 0, References: 4, Affected Software: 1

Japan Vulnerability Notes
added 2007/01/25 12:0 a.m., 12 views

JVN#82258242 Shopping Basket Professional vulnerable to OS command injection

Impact A remote attacker could execute an arbitrary OS command on the server where Shopping Basket Professional v7 is installed. Solution Products Affected Shopping Basket Professional v7.50 and earlier For more information, refer to the vendor's website...

7.6 AI score
Exploits: 0

seebug.org
added 2006/03/18 12:0 a.m., 17 views

Python <= 2.4.2 realpath() Local Stack Overflow Exploit

No description provided by source. !/usr/bin/python gexp-python.py Python = 2.4.2 realpath Local Stack Overflow ----------------------------------------------- Against VA Space Randomization. Copyright c 2006 Gotfault Security Bug found and developed by: dx/vaxen Gotfault Security, posidron Tripb...

7.1 AI score
Exploits: 0

Japan Vulnerability Notes
added 2005/12/20 12:0 a.m., 18 views

JVN#87830692 WebNote Clip vulnerable to OS command injection

Impact An attacker could execute an arbitrary OS command on the server with WebNote Clip installed. Solution Products Affected WebNote Clip 4.1.7 and earlier...

7.5 AI score
Exploits: 0

securityvulns
added 2005/07/19 12:0 a.m., 116 views

Run any OS Command via unauthorized Oracle Forms

Name Run any OS Command via unauthorized Oracle Forms Systems Affected Oracle Web Forms 4.5, 5.0, 6.0, 6i, 9i, 10g Severity High Risk Category OS command execution Vendor URL http://www.oracle.com Author Alexander Kornbrust ak at red-database-security.com Date 18 July 2005 V 1.00 Advisory...

0.3 AI score
Exploits: 0

securityvulns
added 2005/07/19 12:0 a.m., 113 views

Run any OS Command via unauthorized Oracle Reports

Name Run any OS Command via unauthorized Oracle Reports Systems Affected Oracle Reports 6.0, 6i, 9i, 10g Severity High Risk Category OS command execution Vendor URL http://www.oracle.com Author Alexander Kornbrust ak at red-database-security.com Date 19 July 2005 V 1.00 Advisory AKSEC2003-014...

Exploits: 0

Packet Storm
added 2005/04/19 12:0 a.m., 23 views

plsql_multiplestatement_injection.txt

/ Advanced SQL Injection in Oracle databases Executing OS Command with SQL Injection By Esteban Martinez Fayo [email protected] / CREATE OR REPLACE FUNCTION "SCOTT"."SQLI" return varchar2 authid currentuser as pragma autonomoustransaction; SqlCommand VARCHAR22048; BEGIN SqlCommand := ' CREATE OR...

0.1 AI score
Exploits: 0

0day.today
added 2005/04/13 12:0 a.m., 29 views

Oracle Database PL/SQL Statement Multiple SQL Injection Exploits

Exploit for unknown platform in category local exploits ================================================================ Oracle Database PL/SQL Statement Multiple SQL Injection Exploits ================================================================ / Advanced SQL Injection in Oracle databases...

6.8 AI score
Exploits: 0

exploitpack
added 2005/04/13 12:0 a.m., 11 views

Oracle 8.x/9.x/10.x Database - Multiple SQL Injections

Oracle 8.x/9.x/10.x Database - Multiple SQL Injections source: https://www.securityfocus.com/bid/13144/info Oracle database is reported prone to multiple SQL injection vulnerabilities. These issues exist due to insufficient sanitization of user-supplied data. These issues can be exploited using...

0.1 AI score
Exploits: 0

securityvulns
added 2003/07/25 12:0 a.m., 68 views

paFileDB 3.1

============================ Security REPORT paFileDB 3.1 ============================ Product: paFileDB Version 3.1 and earlier Vulnerabilities: arbitrary file-upload, path-traversal, arbitrary OS command-execution Vuln.-classes: http://www.owasp.org/asac/parametermanipulation/forms.shtml...

0.6 AI score
Exploits: 0

securityvulns
added 2003/07/13 12:0 a.m., 47 views

W-Agora 4.1.5

============================= Security REPORT W-Agora 4.1.5 ============================= Product: W-Agora 4.1.5 maybe earlier Vulnerabilities: information disclosure, path disclosure, arbitrary file-upload, OS command execution, cross site scripting Vuln.-Classes: Check out...

0.7 AI score
Exploits: 0