Netvolution WCM CMS 3 SQL Injection

Exploit Title: Netvolution WCM - CMS v3 SQL Injection Exploit Type: Error-based SQL injection Date: Sun 02 Mar 2014 Exploit Author: projectzero labs Projectzero ID: projectzero2014-002-netvolutionsqli Vendor Homepage: http://www.netvolution.net && http://www.atcom.gr Version: 3 as vendor comfirme...

[Responder] a LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server

Responder is a LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. This tool is first an LLMNR and NBT-NS responder, it will answer to specific NBT-NS NetBIOS Name...

Cyber criminals targeting another cryptocurrency 'Primecoin' with malicious miners

Like Bitcoin, There are numerous other cryptocurrency similar in nature, including MasterCoin, ProtoShares, Litecoin, Peercoin, BitBar and many more. One of them is Primecoin sign: Ψ; code: XPM, a peer-to-peer open source cryptocurrency that implements a scientific computing proof-of-work system...

Buffer overflow

Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.0, and 12.2.1 allows remote attackers to affect confidentiality via unknown vectors related to DM Others...

CVE-2014-0379

Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0.x, 7.3.1.x, 12.2.0, 12.2.1, and 12.2.2 allows remote attackers to affect integrity via unknown vectors related to DM Others...

CVE-2014-0371

Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0.x, 7.3.1.x, 12.2.0, 12.2.1, and 12.2.2 allows remote authenticated users to affect integrity via unknown vectors related to DM Others...

CVE-2014-0372

Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.1, and 12.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to DM Others...

Buffer overflow

Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0.x, 7.3.1.x, 12.2.0, 12.2.1, and 12.2.2 allows remote authenticated users to affect integrity via unknown vectors related to DM Others...

Buffer overflow

Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0.x, 7.3.1.x, 12.2.0, 12.2.1, and 12.2.2 allows remote attackers to affect integrity via unknown vectors related to DM Others...

Buffer overflow

Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.1, and 12.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to DM Others...

CVE-2014-0372

Oracle Demantra (Demantra, Oracle) SQL Injection (CVE-2014-0372) affects version 12.2.1 and related 7.x/12.x lines; vulnerability is due to injectable queries in the Demantra application that could allow an attacker to extract credentials or modify content. Exploitation described as blind SQL inj...

CVE-2014-0371

Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0.x, 7.3.1.x, 12.2.0, 12.2.1, and 12.2.2 allows remote authenticated users to affect integrity via unknown vectors related to DM Others...

CVE-2014-0372

Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.1, and 12.2.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to DM Others...

CVE-2014-0371

CVE-2014-0371 relates to Oracle Demantra Demantra 12.2.1. The connected PacketStorm entry documents a Reflective Cross‑Site Scripting (XSS) vulnerability affecting Oracle Demantra 12.2.1, with a fix in 12.2.3. The exploit path involves crafted input in Demantra web pages such as editExecDefinitio...

CVE-2013-5795

Oracle Demantra has a backend Database Credentials Leak vulnerability (CVE-2013-5795) affecting Demantra Demand Management within Oracle Supply Chain Products Suite (versions including 12.2.1, 12.2.2, 12.2.3 and related 7.x/SQL-Server lines). The issue enables an attacker to retrieve database ins...

CVE-2013-5877

Mode C: CVE-2013-5877 affects Oracle Demantra Demantra/GraphServlet components across multiple 7.x and 12.2.x versions of Oracle Supply Chain Products Suite (including 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.0, 12.2.1). Public details in connected sources describe an arbitrary file retrieval/local...

CVE-2013-5877

Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.0, and 12.2.1 allows remote attackers to affect confidentiality via unknown vectors related to DM Others...

CVE-2013-5795

Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.1, 12.2.2, and 12.2.3 allows remote attackers to affect confidentiality via unknown vectors related to DM Others...

SQL Server 弱口令 PoC

SQL Server在配置过程中往往被设置成弱密码，导致被黑客猜解到，造成若密码漏洞。 SQL Server...

MS-SQL Server Protocol - General Settings - Ver2 (CVE-2002-1123)

...