Microsoft SQL Server (MSSQL) Resolution Service Amplification Reflected DRDoS (UDP)

The remote Microsoft SQL Server MSSQL allows distributed reflection and amplification DRDoS attacks. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

博云非书资料管理系统存在通用型SQL注入

简要描述： 某非书资料管理系统存在通用型SQL注入 详细说明： 注入点ISBN http://202.206.242.26:88/poweb/requestiso.do?status=insert&METAID=7578&PropertyID=&ISBN=7-112-06320-5&SSH= http://202.197.107.11:8080/poweb/requestiso.do?status=insert&METAID=7578&PropertyID=&ISBN=7-112-06320-5&SSH=...

博云非书论文管理系统存在通用型SQL注入

简要描述： 论文管理系统存在通用型SQL注入 详细说明： 注入点：dbid和docid 搜索关键字：inurl:/docinfo.action?dbid= http://202.195.136.150/docinfo.action?dbid=72&docid=40824 http://202.199.163.37/docinfo.action?dbid=72&docid=40619 http://paper.buaalib.com/docinfo.action?dbid=72&docid=5793...

McAfee ePolicy Orchestrator Authenticated XXE Credentials Exposure

This module will exploit an authenticated XXE vulnerability to read the keystore.properties off of the filesystem. This properties file contains an encrypted password that is set during installation. What is interesting about this password is that it is set as the same password as the database 's...

McAfee ePolicy Orchestrator Authenticated XXE Credential Exposure Exploit

This Metasploit module will exploit an authenticated XXE vulnerability to read the keystore.properties off of the filesystem. This properties file contains an encrypted password that is set during installation. What is interesting about this password is that it is set as the same password as the...

某政府系统一处越权+一处SQL注入

简要描述： RT 详细说明： 山东农友软件公司官网:http://www.nongyou.com.cn/ 越权案例如下： http://221.2.149.47:8100/jubao/left.aspx http://222.135.109.70:8100/jubao/left.aspx http://123.134.189.60:8012/jubao/left.aspx http://218.56.40.229:8020/jubao/left.aspx http://222.135.127.190:7000/jubao/left.aspx 2.一处越权注入：...

SQL Server stored procedure Hacking（II）of the user to impersonate-vulnerability warning-the black bar safety net

Security pulse in the before provides SQL Server stored procedure Hacking series the first portion of the SQL Server stored procedure Hacking I of trusted database, now to translate the SQL Server stored procedure Hacking（II）of the user to impersonate on Application developers often use SQL Serve...

ObSecure ObSecure360 Unauthenticated SQL Injection

ObSecure ObSecure360 Unauthenticated SQL Injection Vulnerability Release Date: 23-Dec-2014 Software: ObSecure 360 http://obsecure.com.au/Solutions.html "obsecure is an innovative cyber security software company that provides high security information distribution and transfer solutions that take...

Firebird SQL Server Installed

Binary data firebirdinstalled.nbin...

Firebird SQL Server Remote Denial of Service (CVE-2014-9323)

The version of Firebird SQL Server installed on the remote host is vulnerable to a remote denial of service attack. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid80104; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate", value:"2021/06/03";...

用友某分战SQL注入第五弹

简要描述： 又来一发。。 详细说明： 注入URL： http://u9service.yonyou.com/servicehome/kmview.aspx?postid=ZS20100530204 sqlmap/1.0-dev - automatic SQL injection and database takeover tool http://sqlmap.org ! legal disclaimer: Usage of sqlmap for attacking targets without prior mutu consent is illegal. It is the end...

Veeam Explorer for Microsoft SQL Server displays no content

Challenge When performing a SQL Item Restore, Veeam Explorer for Microsoft SQL Server launches successfully, but no content is displayed. The following is an example of what should be seen when the restore is working properly: Cause The account used to perform Application-Aware Image Processing f...

用友某废弃站点存在SQL注入

简要描述： 晚上无聊,看看公司的网站有什么漏洞,哈哈,果然无意间又发现了一枚. 上一次提交公司的漏洞：http://www.wooyun.org/bugs/wooyun-2014-084920 为什么RANK一直没补啊，漏洞也不再我的列表下？ @疯狗 @xsser 详细说明： 存在地址:http://125.35.5.234:81/ ping dbmservice.yonyou.com 感觉是很老的站点,于是乎,在登录账号的时候输入了',果不其然,发现有注入 构造下URL:http://125.35.5.234:81/checkuser.asp?loginname=admin&pwd=1...

mysql: unspecified vulnerability related to SERVER:CHARACTER SETS (CPU October 2014)

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows remote authenticated users to affect availability via vectors related to SERVER:CHARACTER SETS...

SQL Buddy 1.3.3 Remote Code Execution

Exploit Title: SQL Buddy Remote Code Execution Date: November 29 2014 Exploit Author: Fady Osman @fadyosman Youtube Channel : https://www.youtube.com/user/cutehack3r Vendor Homepage: http://sqlbuddy.com/ Software Link: https://github.com/calvinlough/sqlbuddy/raw/gh-pages/sqlbuddy.zip Version: SQL...

某管理系统通用型SQL注入

简要描述： 某管理系统通用型SQL注入 详细说明： 厂商：南京苏亚星资讯科技开发有限公司 资源库管理系统 搜索引擎关键字：帮助 正在读取数据... 注册用户 系统用户 用户名: 密码: 南京苏亚星资讯科技开发 有一部分是内网使用，好不容易找到5个案例。...

Microsoft SQL Server Multiple Vulnerabilities (MS14-044)

Microsoft SQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft SQL Server SQLi SUSER_SNAME Windows Domain Account Enumeration

This module can be used to bruteforce RIDs associated with the domain of the SQL Server using the SUSERSNAME function via Error Based SQL injection. This is similar to the smblookupsid module, but executed through SQL Server queries as any user with the PUBLIC role everyone. Information that can ...

mysql: unspecified vulnerability related to SRCHAR (CPU July 2014)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier, and 5.6.17 and earlier, allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR...

Microsoft SQL Server SQLi Escalate Execute AS

This module can be used escalate privileges if the IMPERSONATION privilege has been assigned to the user via error based SQL injection. In most cases, this results in additional data access, but in some cases it can be used to gain sysadmin privileges. The syntax for injection URLs is:...