CVE-2013-2137

Cross-site scripting XSS vulnerability in the "View Log" screen in the Webtools application in Apache Open For Business Project aka OFBiz 10.04.01 through 10.04.05, 11.04.01 through 11.04.02, and 12.04.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2013-2137

CVE-2013-2137 describes an XSS vulnerability in the Webtools "View Log" screen of Apache OFBiz. Affected: OFBiz Webtools View Log in versions 10.04.01–10.04.05, 11.04.01–11.04.02, and 12.04.01. Root cause: log HTML content not properly encoded. Impact: remote attackers can inject arbitrary script...

[CVE-2013-2137] Apache OFBiz XSS vulnerability in the "View Log" screen of the Webtools application

CVE-2013-2137 - Apache OFBiz XSS vulnerability in the "View Log" screen of the Webtools application Vendor: The Apache Software Foundation Versions Affected: Apache OFBiz 10.04.01 to 10.04.05 Apache OFBiz 11.04.01 to 11.04.02 Apache OFBiz 12.04.01 Description: XSS vulnerability in the "View Log"...

[HconSTF Pentest Browser] Open Source Penetration Testing / Ethical Hacking Framework

HconSTF is Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessments.contains webtools which are powerful in doing xsscross site scripting, Sql injection,...

SAP DB 7.4 - WebTools Buffer Overflow (Metasploit)

$Id: sapdbwebtools.rb 9842 2010-07-16 02:33:25Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

Apache OFBiz SQL Remote Execution PoC Payload

Exploit for multiple platform in category remote exploits ============================================= Apache OFBiz SQL Remote Execution PoC Payload ============================================= / Apache OFBiz SQL Remote Execution PoC Payload. CVE: CVE-2010-0432 By: Lucas Apa lucas -at-...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Apache Open For Business Project aka OFBiz 09.04 and earlier, as used in Opentaps, Neogia, and Entente Oya, allow remote attackers to inject arbitrary web script or HTML via 1 the productStoreId parameter to control/exportProductListing, 2...

SAP DB 7.4 WebTools Buffer Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'SAP DB 7.4...

CVE-2009-3913

SQL injection vulnerability in summary.php in Xerox Fiery Webtools allows remote attackers to execute arbitrary SQL commands via the select parameter...

Sql injection

SQL injection vulnerability in summary.php in Xerox Fiery Webtools allows remote attackers to execute arbitrary SQL commands via the select parameter...

CVE-2009-3913

SQL injection vulnerability in summary.php in Xerox Fiery Webtools allows remote attackers to execute arbitrary SQL commands via the select parameter...

CVE-2009-3913

CVE-2009-3913 describes an SQL injection in Xerox Fiery Webtools, specifically in summary.php via the select parameter, allowing remote SQL execution. Affected: Xerox Fiery Webtools (summary.php). Impact per NVD CVSS v2: HIGH (7.5) with network attack vector, no authentication, and partial impact...

New vulnerability in Xerox Fiery Webtools

Hello i am from portugal and i would like to report a new vulnerability in Xerox Fiery Webtools. The probleam is in /wt3/ summary.php?select= if you and ' you have the possibility to exploit this condition to inject SQL code. Already have contact the vendor best regards Bernardo Trigo Qualidade e...

Xerox Fiery Webtools - SQL Injection

Xerox Fiery Webtools - SQL Injection Hello i am from portugal and i would like to report a new vulnerability in Xerox Fiery Webtools. The probleam is in /wt3/ summary.php?select= if you and ' you have the possibility to exploit this condition to inject SQL code. Already have contact the vendor be...

Xerox Fiery Webtools SQL Injection

No description provided by source. Hello i am from portugal and i would like to report a new vulnerability in Xerox Fiery Webtools. The probleam is in /wt3/ summary.php?select= if you and ' you have the possibility to exploit this condition to inject SQL code. Already have contact the vendor best...

Xerox Fiery Webtools - SQL Injection

Hello i am from portugal and i would like to report a new vulnerability in Xerox Fiery Webtools. The probleam is in /wt3/ summary.php?select= if you and ' you have the possibility to exploit this condition to inject SQL code. Already have contact the vendor best regards Bernardo Trigo Qualidade e...

Xerox Fiery Webtools SQL Injection

Exploit for unknown platform in category web applications ================================== Xerox Fiery Webtools SQL Injection ================================== Hello i am from portugal and i would like to report a new vulnerability in Xerox Fiery Webtools. The probleam is in /wt3/...

SAP DB 7.4 WebTools Buffer Overflow

This module exploits a stack buffer overflow in SAP DB 7.4 WebTools. By sending an overly long GET request, it may be possible for an attacker to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...

sapdb-seh.txt

/ Dreatica-FXP crew ---------------------------------------- Target : SAP DB 7.4 WebTools Site : http://www.sapdb.org Found by : NGSSoftware Insight Security Research ---------------------------------------- Exploit : SAP DB 7.4 WebTools Remote SEH overwrite exploit Exploit date : 07.07.2007...

SAP DB 7.4 - WebTools Remote Overwrite (SEH)

SAP DB 7.4 - WebTools Remote Overwrite SEH / Dreatica-FXP crew ---------------------------------------- Target : SAP DB 7.4 WebTools Site : http://www.sapdb.org Found by : NGSSoftware Insight Security Research ---------------------------------------- Exploit : SAP DB 7.4 WebTools Remote SEH...