CVE-2016-3059

IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server aka IBM Spectrum Protect for Databases 6.3 before 6.3.1.7 and 6.4 before 6.4.1.9 and Tivoli Storage FlashCopy Manager for Microsoft SQL Server aka IBM Spectrum Protect Snapshot 3.1 before 3.1.1.7 and 3.2 before...

CIMA DocuClass ECM - Multiple Vulnerabilities

Exploit Title: CIMA DocuClass Enterprise Content Management - Multiple Vulnerabilities Date: July 15, 2016 Exploit Author: Karn Ganeshen ipositivesecurity.blogspot.com Vendor Homepage: cima-software.com Version: app version All Tested on: Microsoft Windows 2008 R2 DocuClass is a modular and...

CIMA DocuClass ECM - Multiple Vulnerabilities

Exploit for php platform in category web applications Exploit Title: CIMA DocuClass Enterprise Content Management - Multiple Vulnerabilities Date: July 15, 2016 Exploit Author: Karn Ganeshen ipositivesecurity.blogspot.com Vendor Homepage: cima-software.com Version: app version All Tested on:...

CIMA DocuClass ECM - Multiple Vulnerabilities

CIMA DocuClass ECM - Multiple Vulnerabilities Exploit Title: CIMA DocuClass Enterprise Content Management - Multiple Vulnerabilities Date: July 15, 2016 Exploit Author: Karn Ganeshen ipositivesecurity.blogspot.com Vendor Homepage: cima-software.com Version: app version All Tested on: Microsoft...

Microsoft SQL Server Login Possible

Binary data mssqllogin.nbin...

CVE-2016-4530

OSIsoft PI SQL Data Access Server aka OLE DB 2016 1.5 allows remote authenticated users to cause a denial of service service outage and data loss via a message...

BadTunnel: Cross-Segment hijacking the broadcast Protocol-vulnerability warning-the black bar safety net

! 0x00 introduction This paper proposes a new attack model, can cross network segment hijacking the TCP/IP broadcast Protocol, we named it“BadTunnel” in. Using this method, you can achieve cross-subnet NetBIOS Name Service Spoofing attacks. Both the attacker and the user are in the same network...

XenMobile 10.x how to update SQL server password on Xenmobile

XenMobile 10.x -How to update SQL server password on Xenmobile server...

PHP 'odbc_bindcols' Function Denial of Service Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...

CVE-2015-8879

The odbcbindcols function in ext/odbc/phpodbc.c in PHP before 5.6.12 mishandles driver behavior for SQLWVARCHAR columns, which allows remote attackers to cause a denial of service application crash in opportunistic circumstances by leveraging use of the odbcfetcharray function to access a certain...

CVE-2015-8879

The odbcbindcols function in ext/odbc/phpodbc.c in PHP before 5.6.12 mishandles driver behavior for SQLWVARCHAR columns, which allows remote attackers to cause a denial of service application crash in opportunistic circumstances by leveraging use of the odbcfetcharray function to access a certain...

Code injection

The odbcbindcols function in ext/odbc/phpodbc.c in PHP before 5.6.12 mishandles driver behavior for SQLWVARCHAR columns, which allows remote attackers to cause a denial of service application crash in opportunistic circumstances by leveraging use of the odbcfetcharray function to access a certain...

CVE-2015-8879

The odbcbindcols function in ext/odbc/phpodbc.c in PHP before 5.6.12 mishandles driver behavior for SQLWVARCHAR columns, which allows remote attackers to cause a denial of service application crash in opportunistic circumstances by leveraging use of the odbcfetcharray function to access a certain...

How to Export SQL Logs

Purpose This article documents how to export logs from the two SQL database engines used by Veeam Backup & Replication: Microsoft SQL Server PostgreSQL Solution Microsoft SQL Server Log Collection The following steps require Microsoft SQL Server Management Studio SSMS. 1. Open Microsoft SQL Serve...

海天OA /loginverify.asp /LosePassAction.asp 两处post类型的sql注入

0x01 漏洞简介 提交时间： 2014-05-25 公开时间： 2014-08-21 漏洞类型： SQL注射漏洞 北京联杰海天科技有限公司是一家专业从事应用软件开发、集成服务的高科技企业，面向各类企事业单位开发、销售基于Internet/Intranet技术的系列软件产品，致力于政府机构及企业信息化和办公自动化建设。 目前，联杰公司凭借Microsoft系统平台上的开发经验，已经成功推出了基于Internet/Intranet平台的企业级网络应用系统。主打软件“海天OA”...

Configuring a SQL staging server to a Veeam Explorer gives “error: 25”

Challenge When configuring a staging SQL server for Veeam Explorers, the following error appears when a malformed server name is provided: A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify th...

Collected SQL Server transaction logs do not match any existing database backup: SQLINSTANCE\DATABASE

Challenge A SQL Server Transaction Log Backup task fails with the error: Collected SQL Server transaction logs do not match any existing database backup: SQLINSTANCE\DBNAME Copy Cause This error occurs because the collected transaction logs do not match the existing backup of the server. The most...

Transaction Log Truncation Failure for MSSQL Instances on Shared VHDX

Challenge When attempting to run a backup job for a Microsoft SQL Server that is in either a SQL Server Failover Cluster or AlwaysOn Failover Cluster with a shared VHDX, the backup job reports the warning: Failed to truncate transaction logs for SQL instances: . Possible reasons: lack of...

How to configure standalone SQL server, Database Mirroring, and Always on High Availability

How to configure standalone SQL server, Database Mirroring, and Always on High Availability...

How to Collect SQL Logs for Deadlock

Challenge To gather logs for SQL Deadlock troubleshooting. Cause Database actions can, in certain circumstances, cause deadlock issues. Solution Using SQL Server Management Studio Tools SSMS perform the following: 1. Connect to the Veeam Backup & Replication configuration database. 2. Expand...