1377 matches found
S-CMS Hospital Website Builder System has SQL Injection Vulnerability in Frontend
S-CMS hospital station building system is developed by asp+access/mssql, easy to operate, convenient, support PC+mobile+WeChat. There is a SQL injection vulnerability in the frontend of S-CMS Hospital Building System. An attacker can exploit the vulnerability to obtain sensitive information from...
Microsoft SQL Server Management Studio (SSMS) Installed
Binary data microsoftssmsinstalled.nbin...
Microsoft SQL Server Management Studio Multiple vulnerabilities (October 2018)
The version of Microsoft SQL Server Management Studio installed on the remote Windows host is a version prior or equal to 17.9, 18.0 Preview 4. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's...
Microsoft SQL Server Management Studio 17.9 / 18.0 Preview 4 XML Injection
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-SQL-SERVER-MGMT-STUDIO-XMLA-FILETYPE-XML-INJECTION-CVE-2018-8532.txt + ISR: ApparitionSec + Zero Day Initiative Program Vendor www.microsoft.com Product SQL Server...
Microsoft SQL Server Management Studio 17.9 / 18.0 Preview 4 XML Injection
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-SQL-SERVER-MGMT-STUDIO-REGSRVR-FILES-XML-INJECTION-CVE-2018-8533.txt + ISR: ApparitionSec + Zero Day Initiative Program Vendor www.microsoft.com Product SQL Server...
Microsoft SQL Server Management Studio 17.9 - .xmla XML External Entity Injection Vulnerability
Exploit for windows platform in category web applications...
Microsoft SQL Server Management Studio 17.9 - XML External Entity Injection
Exploit Title: Microsoft SQL Server Management Studio 17.9 - XML External Entity Injection Date: 2018-10-10 Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Venodor: www.microsoft.com Software: SQL Server Management Studio 17.9 and SQL Server Management Studio 18.0 Preview 4 CVE:...
Microsoft SQL Server Management Studio 17.9 - .xel XML External Entity Injection Vulnerability
Exploit for windows platform in category web applications Exploit Title: Microsoft SQL Server Management Studio 17.9 - '.xel' XML External Entity Injection Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Venodor: www.microsoft.com Software: SQL Server Management Studio 17.9 and...
Microsoft SQL Server Management Studio 17.9 - .xmla XML External Entity Injection
Microsoft SQL Server Management Studio 17.9 - .xmla XML External Entity Injection Exploit Title: Microsoft SQL Server Management Studio 17.9 - '.xmla' XML External Entity Injection Date: 2018-10-10 Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Venodor: www.microsoft.com...
CVE-2018-8533
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio SSMS when parsing malicious XML content containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Server Management Studio 17.9, S...
Information disclosure
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio SSMS when parsing a malicious XMLA file containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Server Management Studio 17.9, S...
CVE-2018-8532
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio SSMS when parsing a malicious XMLA file containing a reference to an external entity, aka "SQL Server Management Studio Information Disclosure Vulnerability." This affects SQL Server Management Studio 17.9, S...
Microsoft SQL Server Management Studio xmla File XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft SQL Server Management Studio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
Microsoft SQL Server Management Studio xel File XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft SQL Server Management Studio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SQL Server Management Studio Information Disclosure Vulnerability
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio SSMS when parsing malicious XML content containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity declaratio...
Microsoft SQL Server Management Studio CVE-2018-8533 Information Disclosure Vulnerability
Description Microsoft SQL Server Management Studio is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft SQL Server Management Studio 17.9 Microsoft SQL Server...
KLA11888 Multiple vulnerabilties in Microsoft SQL Server
An information disclosure vulnerabilities were found in Microsoft SQL Server. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2018-8527 CVE-2018-8532 CVE-2018-8533 Exploitation Public exploits exist for this vulnerability. Related products...
Microsoft SQL Server Management Studio CVE-2018-8527 Information Disclosure Vulnerability
Description Microsoft SQL Server Management Studio is prone to an information-disclosure vulnerability. An attacker can leverage this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft SQL Server Management Studio 17.9 Microsoft SQL Server...
Intel Extreme Tuning Utility 6.4.1.23 Code Execution / Privilege Escalation Vulnerabilities
Intel Extreme Tuning Utility version 6.4.1.23 suffers from code execution, privilege escalation, and denial of service vulnerabilities. Intel Extreme Tuning Utility 6.4.1.23 Code Execution / Privilege Escalation Hi @ll, the executable installer of the Intel Extreme Tuning Utility, version 6.4.1.2...
CVE-2018-16659
An issue was discovered in Rausoft ID.prove 2.95. The login page allows SQL injection via Microsoft SQL Server stacked queries in the Username POST parameter. Hypothetically, an attacker can utilize master..xpcmdshell for the further privilege elevation...