Lucene search
K

7 matches found

Check Point Advisories
Check Point Advisories
added 2015/05/18 12:0 a.m.12 views

Oracle Endeca Server createDataStore Remote Command Execution - Ver2 (CVE-2013-3763)

A command execution vulnerability exists in Oracle Endeca Server. The vulnerability is due to the controlSoapBinding web service exposing the createDataStore method which contains a flaw that allows for the injection of arbitrary commands. A remote, unauthenticated attacker could exploit this...

5.5CVSS6.9AI score0.5984EPSS
Exploits8
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Oracle Endeca Server Remote Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2013/09/17 12:0 a.m.18 views

Oracle Endeca Server createDataStore Remote Command Execution (CVE-2013-3763)

A command execution vulnerability exists in Oracle Endeca Server. The vulnerability is due to the controlSoapBinding web service exposing the createDataStore method which contains a flaw that allows for the injection of arbitrary commands. A remote, unauthenticated attacker could exploit this...

5.5CVSS6.9AI score0.5984EPSS
Exploits8
Circl
Circl
added 2013/08/26 12:0 a.m.20 views

CVE-2013-3763

creationtimestamp| type| source ---|---|--- 2013-08-26 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/27877 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/oracleendecaexec.rb 2025-02-06 03:13:41+00:00| seen...

5.5CVSS5.7AI score0.5984EPSS
Exploits8References2
Exploit DB
Exploit DB
added 2013/08/26 12:0 a.m.37 views

Oracle Endeca Server - Remote Command Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Oracle Endeca Server Remote Command...

5.5CVSS7.4AI score0.5984EPSS
Exploits8
Metasploit
Metasploit
added 2013/08/21 5:47 p.m.35 views

Oracle Endeca Server Remote Command Execution

This module exploits a command injection vulnerability on the Oracle Endeca Server 7.4.0. The vulnerability exists on the createDataStore method from the controlSoapBinding web service. The vulnerable method only exists on the 7.4.0 branch and isn't available on the 7.5.5.1 branch. In addition, t...

5.5CVSS7.4AI score0.5984EPSS
Exploits8
CVE
CVE
added 2013/07/17 10:0 a.m.72 views

CVE-2013-3763

The CVE-2013-3763 vector is a command-injection vulnerability in Oracle Endeca Server (Oracle Fusion Middleware) affecting 7.4.0 and 7.5.1.1 via the controlSoapBinding createDataStore method. Connected advisories (CPAIs) describe remote command execution with a flaw that can be exploited by sendi...

5.5CVSS5.4AI score0.5984EPSS
Exploits8References3Affected Software1
Rows per page
Query Builder