Lucene search
K

116 matches found

ATTACKERKB
ATTACKERKB
added 2025/04/15 9:15 p.m.3 views

CVE-2025-21578

Vulnerability in Oracle Secure Backup component: General. Supported versions that are affected are 12.1.0.1, 12.1.0.2, 12.1.0.3, 18.1.0.0, 18.1.0.1 and 18.1.0.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Secure Backup executes t...

6.7CVSS7.1AI score0.0018EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/04/15 12:0 a.m.6 views

Oracle Secure Backup 安全漏洞

Oracle Secure Backup is a solution from Oracle Corporation USA that provides reliable data protection by backing up file systems to tape. A security vulnerability exists in Oracle Secure Backup that stems from mishandling of the General component, which could lead to a system takeover. The...

6.7CVSS7.2AI score0.0018EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/15 12:0 a.m.4 views

PT-2025-16403 · Oracle · Oracle Secure Backup

Name of the Vulnerable Software and Affected Versions: Oracle Secure Backup versions 12.1.0.1 through 12.1.0.3 Oracle Secure Backup versions 18.1.0.0 through 18.1.0.2 Description: The issue allows a high privileged attacker with logon to the infrastructure where Oracle Secure Backup executes to...

6.8CVSS6.7AI score0.0018EPSS
Exploits0References4
Qualys Blog
Qualys Blog
added 2025/01/23 5:17 a.m.67 views

Oracle Critical Patch Update, January 2025 Security Update Review

Oracle released its first quarterly edition of this year’s Critical Patch Update, which received patches for 318 security vulnerabilities. Some of the vulnerabilities addressed in this update impact more than one product. These patches address vulnerabilities in various product families, includin...

9.5CVSS9.4AI score0.99957EPSS
Exploits70
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.183 views

Oracle Secure Backup Exec_qr() Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Secure Backup execqr Command Injection Vulnerability', 'Description' = %q This module exploits a command injection vulnerability in Oracle...

10CVSS7AI score0.3857EPSS
Exploits9
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.201 views

Oracle Secure Backup Authentication Bypass / Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability', 'Description' = %q This module exploits an authentication bypass...

10CVSS7AI score0.72638EPSS
Exploits13
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.9 views

Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability

No description provided by source. $Id: osbunamejlist.rb 13591 2011-08-19 18:35:29Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.1AI score
Exploits0
Dsquare
Dsquare
added 2012/04/27 12:0 a.m.51 views

Oracle Secure Backup 10.3.0.1 RCE

Remote command execution vulnerability in Oracle Secure Backup Administration Server propertybox.php Vulnerability Type: Remote Command Execution For the exploit source code contact DSquare Security sales team...

10CVSS1.5AI score0.72638EPSS
Exploits13References4
Packet Storm
Packet Storm
added 2011/08/21 12:0 a.m.48 views

Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability

$Id: osbunamejlist.rb 13591 2011-08-19 18:35:29Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

5CVSS0.5AI score0.50625EPSS
Exploits6
Metasploit
Metasploit
added 2011/08/19 6:35 p.m.54 views

Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability

This module exploits an authentication bypass vulnerability in login.php. In conjunction with the authentication bypass issue, the 'jlist' parameter in propertybox.php can be used to execute arbitrary system commands. This module was tested against Oracle Secure Backup version 10.3.0.1.0 This...

5CVSS1AI score0.50625EPSS
Exploits6
0day.today
0day.today
added 2011/08/19 12:0 a.m.46 views

Oracle Secure Backup Authentication Bypass/Command Injection

Exploit for php platform in category web applications $Id: osbunamejlist.rb 13591 2011-08-19 18:35:29Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensin...

7.1AI score0.50625EPSS
Exploits6
Exploit DB
Exploit DB
added 2011/08/19 12:0 a.m.33 views

Oracle Secure Backup - Authentication Bypass/Command Injection (Metasploit)

$Id: osbunamejlist.rb 13591 2011-08-19 18:35:29Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

5CVSS7AI score0.50625EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2011/07/25 12:0 a.m.28 views

Oracle Secure Backup Administration Server login.php uname Parameter Arbitrary Command Injection

The version of Oracle Secure Backup Administration Server running on the remote host fails to adequately sanitize user-supplied input to the 'uname' parameter of 'login.php'. The system performs some sanitization which limits exploitation of this issue, but code execution is still possible. A...

10CVSS5.6AI score0.03244EPSS
Exploits0References5
Zero Day Initiative
Zero Day Initiative
added 2011/07/21 12:0 a.m.24 views

Oracle Secure Backup validate_login Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Secure Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the validatelogin function defined within /apache/htdocts/php/common.php. The...

7.5CVSS3.2AI score0.03244EPSS
Exploits0References1
NVD
NVD
added 2011/07/20 11:55 p.m.23 views

CVE-2011-2252

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.3.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2011-2261...

6.8CVSS5.9AI score0.01938EPSS
Exploits0References2
Cvelist
Cvelist
added 2011/07/20 11:0 p.m.22 views

CVE-2011-2251

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.3.0.3 allows remote attackers to affect integrity via unknown vectors...

5.9AI score0.01554EPSS
Exploits0References2
CVE
CVE
added 2011/07/20 11:0 p.m.50 views

CVE-2011-2251

CVE-2011-2251 is linked to Oracle Secure Backup Administration Server login.php XSS in the mode parameter. The Nessus plugin notes input is not properly sanitized, enabling a remote attacker to lure a user to a crafted URL and potentially execute arbitrary script code. This is the concrete detail...

4.3CVSS6AI score0.01554EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2011/01/19 4:0 p.m.18 views

CVE-2010-3596

Unspecified vulnerability in the modssl component in Oracle Secure Backup 10.3.0.2 allows remote attackers to affect integrity and availability via unknown vectors...

6.4CVSS6AI score0.01486EPSS
Exploits0References5
Prion
Prion
added 2011/01/19 4:0 p.m.14 views

Design/Logic Flaw

Unspecified vulnerability in the modssl component in Oracle Secure Backup 10.3.0.2 allows remote attackers to affect integrity and availability via unknown vectors...

6.4CVSS6.5AI score0.01486EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2011/01/19 3:0 p.m.22 views

CVE-2010-3596

Unspecified vulnerability in the modssl component in Oracle Secure Backup 10.3.0.2 allows remote attackers to affect integrity and availability via unknown vectors...

6AI score0.01486EPSS
Exploits0References5
Rows per page
Query Builder