用友某CRM某页面SQL注入（无需登录)

简要描述： sql 盲注 详细说明： 用友turbocrm 。根据搜索引起的结果得知多为中小企业使用。数量还不少。 其找回密码的接口存在sql 注入。 比如http://118.122.126.76:7788/login/forgetpswd.php?loginsys=3&orgcode=111&loginname=1111 GET 不需要登录可以直接注入，不过是时间盲注，比较慢，其后端数据库使用sql server。多数没有设置良好的安全基线，可以直接执行命令。 经过测试发现并不是所有的turiocrm版本都存在，存在该链接的版本基本都有漏洞。...

用友软件股份有限公司流通与零售行业事业部POST注射

简要描述： 用友软件分站流通与零售行业事业部某处出现POST注射， SA权限。只发现问题，不深入，不作恶。 详细说明： http://soft-sk.yonyou.com/service/jszc.jsp URL asktypeid=---注射点---&enddate=JyI%3d&prikey=1&startdate=01/01/1967&Submit=%b2%e9%d1%af POST数据 漏洞证明： web application technology: JSP back-end DBMS: Microsoft SQL Server 2008 current user: 'sa'...

Hexorbase - Multiple Database Management and Audit Tool

HexorBase is a database application designed for administering and auditing multiple database servers simultaneously from a centralized location, it is capable of performing SQL queries and bruteforce attacks against common database servers MySQL, SQLite, Microsoft SQL Server, Oracle, PostgreSQL...

Release Information for Veeam Backup & Replication 7 Patch 4

More Recent Version Available Please find the latest version of Veeam Backup & Replication here: Veeam Downloads - Latest Version Challenge Veeam Backup & Replication Patch 4 Release Notes Cause Please confirm you are running version 7.0.0.690, 7.0.0.715, 7.0.0.764, 7.0.0.771, 7.0.0.833, 7.0.0.83...

用友某通用系统sql注入

简要描述： 用友某通用系统注入 详细说明： 用友TurboCRM存在通用sql注入 http://www.qinyuancrm.com/login/forgetpswd.php?orgcode=1&loginname=dsdfsfds loginname参数存在mssql timebased盲注 Place: GET Parameter: loginname Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries Payload: orgcode=1&loginname=dsdfsfds';...

How to migrate Veeam Backup & Replication or Veeam Backup Enterprise Manager

Veeam Backup & Replication Migration Details regarding Veeam Backup & Replication migration are now fully documented in the product user guide. Please review the following documentation: Migrating Veeam Backup & Replication to Another Server Other Migration Types: Migrating Veeam Backup &...

SQL Servers MySQL Vendor-specific SQL Injection

SQL injection techniques can allow remote attackers to execute SQL commands on SQL servers. Successful exploitation could allow attacker to disclose confidential information, modify or shut down the database or execute arbitrary code on affected servers...

大汉版通政府信息公开系统SQL注射2

简要描述： SQL 详细说明： 政府信息公开系统 某处sql注射漏洞 另一个文件里的参数 注入点 zfxxgk/serviceobjectinfo.jsp?servicebm= servicebm过滤不严存在注射 政府网站案例 sqlmap.py -u "http://xxgk.sihong.gov.cn/zfxxgk/serviceobjectinfo.jsp?s ervicebm=" --is-dba --dbs --- Place: GET Parameter: servicebm Type: boolean-based blind Title: AND boolean-based...

大汉版通政府信息公开系统SQL注射

简要描述： 政府信息公开系统 详细说明： 政府信息公开系统 某处sql注射漏洞 注入点 zfxxgk/subjectinfo.jsp?subjectbm= subjectbm参数过滤不严，导致注入 政府网站案例 sqlmap.py -u "http://xxgk.sihong.gov.cn/zfxxgk/subjectinfo.jsp?subjectbm=" --is-dba --dbs payload Place: GET Parameter: subjectbm Type: boolean-based blind Title: AND boolean-based blind -...

bug vulnerability handling mechanism system-bugtracker-bug warning-the black bar safety net

For the company configured a Bug tracking system, 找到BugTracker.NET,read a bit, the translation of which is configuration. After a research experience then put up to share. A friend in need can be the following URL to download http://sourceforge.net/project/showfiles.php?groupid=66812 BugTracker...

Microsoft SQL Server Unsupported Version Detection (remote check)

According to its self-reported version number, the installation of Microsoft SQL Server on the remote host is no longer supported. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it is likely to contain security vulnerabilities...

SQL Log Files (LDF) Not Smaller After Truncation

Challenge After Veeam Backup & Replication or Veeam Agent for Microsoft Windows successfully truncates a SQL Server Database with Application-Aware Processing enabled, the SQL Log File .ldf does not become smaller. Cause This is due to the fact that the LDF file itself is a container, when...

SQL Server Fails with error VSSControl: -2147024809 Backup job failed. Discovery phase failed.

This KB provides information when SQL fails with this error due to a logical file path...

CVE-2014-2869

PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to obtain sensitive information via requests to unspecified URIs, as demonstrated by pathname, SQL server, e-mail address, and IP address information...

Information disclosure

PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to obtain sensitive information via requests to unspecified URIs, as demonstrated by pathname, SQL server, e-mail address, and IP address information...

CVE-2014-2869

PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to obtain sensitive information via requests to unspecified URIs, as demonstrated by pathname, SQL server, e-mail address, and IP address information...

强智科技教务系统存在SQL注入漏洞导致多校中枪……

简要描述： 强智科技教务系统存在SQL注入漏洞，多校中枪…… 详细说明： 这个算是CMS吧？ 中枪学校及注入点 湖南商学院：http://jwgl.hnuc.edu.cn/Public/ShowGGTZ.asp?GGTZID=317【这里】 北京城市学院：http://114.255.66.248/jiaowu/Public/ShowGGTZ.asp?GGTZID=218【这里】 焦作大学：http://jw.jzu.cn/jiaowu/Public/ShowGGTZ.asp?GGTZID=1155【这里】...

MS09-062: Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488) (uncredentialed check)

The remote host has a version of SQL Server that may host the RSClientPrint ActiveX control that includes a copy of gdiplus.dll that is affected by multiple buffer overflow vulnerabilities when viewing TIFF, PNG, BMP, and Office files that could allow an attacker to execute arbitrary code on the...

MS11-049: Vulnerability in the Microsoft XML Editor Could Allow Information Disclosure (2543893) (uncredentialed check)

An application on the remote host has an information disclosure vulnerability. When parsing a specially crafted Web Service Discovery .disco file, external XML entities are allowed for untrusted user input. A remote attacker could exploit this by tricking a user into opening a specially crafted...

Netvolution 'm'参数SQL注入漏洞

Bugtraq ID:65942 Netvolution是一款基于WEB内容管理软件。 Netvolution不正确过滤用户提交的'm'参数数据，允许远程攻击者利用漏洞提交特制的请求，可操作或获取数据库数据。 0 Netvolution 3.0 目前没有详细解决方案提供： http://www.netvolution.net sqlmap output: Place: Get Parameter: m Type: error-based Title: Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause...