8 matches found
CVE-2019-16383
MOVEit.DMZ.WebApi.dll in Progress MOVEit Transfer 2018 SP2 before 10.2.4, 2019 before 11.0.2, and 2019.1 before 11.1.1 allows an unauthenticated attacker to gain unauthorized access to the database. Depending on the database engine being used MySQL, Microsoft SQL Server, or Azure SQL, an attacker...
CVE-2019-16383
creationtimestamp| type| source ---|---|--- 2024-11-14 06:07:02+00:00| seen| MISP/50a7f37a-14f7-4511-8ab1-8a763c41fb3c...
MOVEit Transfer 11.1.1 - (token) Unauthenticated SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: MOVEit Transfer 11.1.1 - 'token' Unauthenticated SQL Injection Google Dork: inurl:human.aspx intext:moveit Exploit Authors: Aviv Beniash, Noam Moshe Vendor Homepage: https://www.ipswitch.com/ Version: MOVEit Transfer 2018 SP2...
MOVEit Transfer 11.1.1 - 'token' Unauthenticated SQL Injection
Exploit Title: MOVEit Transfer 11.1.1 - 'token' Unauthenticated SQL Injection Google Dork: inurl:human.aspx intext:moveit Date: 2020-04-12 Exploit Authors: Aviv Beniash, Noam Moshe Vendor Homepage: https://www.ipswitch.com/ Version: MOVEit Transfer 2018 SP2 before 10.2.4, 2019 before 11.0.2, and...
CVE-2019-16383
MOVEit.DMZ.WebApi.dll in Progress MOVEit Transfer 2018 SP2 before 10.2.4, 2019 before 11.0.2, and 2019.1 before 11.1.1 allows an unauthenticated attacker to gain unauthorized access to the database. Depending on the database engine being used MySQL, Microsoft SQL Server, or Azure SQL, an attacker...
CVE-2019-16383
CVE-2019-16383 affects Progress MOVEit Transfer via MOVEit.DMZ.WebApi.dll in MOVEit Transfer 2018 SP2 before 10.2.4, 2019 before 11.0.2, and 2019.1 before 11.1.1. The Red Hat/CIRCL/CNVD entries confirm an unauthenticated SQL injection via the REST API that can cause database access breaches. Affe...
CVE-2019-16383
MOVEit.DMZ.WebApi.dll in Progress MOVEit Transfer 2018 SP2 before 10.2.4, 2019 before 11.0.2, and 2019.1 before 11.1.1 allows an unauthenticated attacker to gain unauthorized access to the database. Depending on the database engine being used MySQL, Microsoft SQL Server, or Azure SQL, an attacker...
SQL Servers Time-based SQL Injection (CVE-2011-4710; CVE-2019-13978; CVE-2019-16065; CVE-2019-16119; CVE-2019-16383; CVE-2019-16692; CVE-2020-15468; CVE-2020-26518; CVE-2020-29284; CVE-2021-21915; CVE-2021-21916; CVE-2021-21917; CVE-2022-23337; CVE-2022-25149)
SQL injection techniques can allow remote attackers to execute SQL commands on SQL servers. Successful exploitation could allow attacker to disclose confidential information, modify or shut down the database or execute arbitrary code on affected servers...