Lucene search
K

7 matches found

Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.157 views

Oracle Demantra Database Credentials Leak

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Demantra Database Credentials Leak', 'Description' = %q This module exploits a database credentials leak found in Oracle Demantra 12.2.1 i...

5CVSS6.6AI score0.59558EPSS
Exploits7
Metasploit
Metasploit
added 2014/04/07 6:42 p.m.30 views

Oracle Demantra Database Credentials Leak

This module exploits a database credentials leak found in Oracle Demantra 12.2.1 in combination with an authentication bypass. This way an unauthenticated user can retrieve the database name, username and password on any vulnerable machine. This module requires Metasploit:...

5CVSS6.8AI score0.59558EPSS
Exploits7
Prion
Prion
added 2014/03/27 6:55 p.m.21 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-5880. Reason: This candidate is a duplicate of CVE-2013-5880. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2013-5880 instead of this candidate. All references and descriptions in this...

6.6AI score0.59558EPSS
Exploits5
CVE
CVE
added 2014/03/27 6:0 p.m.38 views

CVE-2014-5880

CVE-2014-5880 is a duplicate of CVE-2013-5880. Oracle Demantra 12.2.1 includes an authentication bypass: the loginCheck.jsp whitelisted URL can be accessed unauthenticated to reach restricted pages. A fix exists in 12.2.3. Public details cite Portcullis advisories and the associated CVE-2013-5880...

6.2AI score
Exploits5
Packet Storm
Packet Storm
added 2014/03/02 12:0 a.m.59 views

Oracle Demantra 12.2.1 Authentication Bypass

Vulnerability title: Authentication Bypass in Oracle Demantra CVE: CVE-2013-5880 Vendor: Oracle Product: Demantra Affected version: 12.2.1 Fixed version: 12.2.3 Reported by: Oliver Gruskovnjak Details: The authentication filter in Oracle Demantra is broken by design. For example the page:...

5CVSS0.8AI score0.59558EPSS
Exploits5
CVE
CVE
added 2014/01/15 12:30 a.m.62 views

CVE-2013-5880

CVE-2013-5880 concerns Oracle Demantra Demand Management (Oracle Demantra, part of Oracle Supply Chain) with vulnerable versions including 12.2.1 and related 12.2.x lines. Connected documents confirm concrete details: authentication bypass and credential leakage scenarios affecting Demantra 12.2....

5CVSS5.5AI score0.59558EPSS
Exploits5References6Affected Software1
Circl
Circl
added 2014/01/14 12:0 a.m.26 views

CVE-2013-5880

creationtimestamp| type| source ---|---|--- 2014-01-14 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39018 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/oracledemantrafileretrieval.rb 2018-05-29...

5CVSS5.5AI score0.59558EPSS
Exploits5References3
Rows per page
Query Builder