1377 matches found
Microsoft SQL Server Login Possible
Binary data mssqllogin.nbin...
PHP 'odbc_bindcols' Function Denial of Service Vulnerability
PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...
CVE-2015-8879
The odbcbindcols function in ext/odbc/phpodbc.c in PHP before 5.6.12 mishandles driver behavior for SQLWVARCHAR columns, which allows remote attackers to cause a denial of service application crash in opportunistic circumstances by leveraging use of the odbcfetcharray function to access a certain...
CVE-2015-8879
The odbcbindcols function in ext/odbc/phpodbc.c in PHP before 5.6.12 mishandles driver behavior for SQLWVARCHAR columns, which allows remote attackers to cause a denial of service application crash in opportunistic circumstances by leveraging use of the odbcfetcharray function to access a certain...
How to Export SQL Logs
Purpose This article documents how to export logs from the two SQL database engines used by Veeam Backup & Replication: Microsoft SQL Server PostgreSQL Solution Microsoft SQL Server Log Collection The following steps require Microsoft SQL Server Management Studio SSMS. 1. Open Microsoft SQL Serve...
海天OA /loginverify.asp /LosePassAction.asp 两处post类型的sql注入
0x01 漏洞简介 提交时间: 2014-05-25 公开时间: 2014-08-21 漏洞类型: SQL注射漏洞 北京联杰海天科技有限公司是一家专业从事应用软件开发、集成服务的高科技企业,面向各类企事业单位开发、销售基于Internet/Intranet技术的系列软件产品,致力于政府机构及企业信息化和办公自动化建设。 目前,联杰公司凭借Microsoft系统平台上的开发经验,已经成功推出了基于Internet/Intranet平台的企业级网络应用系统。主打软件“海天OA”...
V5shop 在cart.aspx处的参数spikeid存在SQL注入漏洞
举例: 通过谷歌搜索inurl:productpic.aspx,因为cart.aspx是需要登录才可以正常访问,但是注入的时候毫无影响。 案例: http://www.wolifu.com/cart.aspx?act=spikebuy&spikeid=3 D:\sqlmappython sqlmap.py -u "http://www.wolifu.com/cart.aspx?act=spikebuy&spik eid=3" -p "spikeid" | | 1.0-dev-nongit-20150806 | -| . | | | .'| . | || |||||,| | || ||...
用友GRP系统sql注射
简要描述: 用友GRP系统sql注射 详细说明: 用友GRP系统sql注射 链接:http://221.2.68.102:8888/R9iPortal/cm/cminfocontent.jsp?infoid=42 注射参数: Payload: infoid=-7911 UNION ALL SELECT 78,78,78,78,78,78,78,78,78,78,78,78, CHAR113+CHAR98+CHAR113+CHAR118+CHAR113+CHAR74+CHAR98+CHAR75+CHAR...
Siemens WinCC Microsoft SQL (MSSQL) Server Default Credentials (TCP/IP Listener)
The remote Microsoft SQL MSSQL Server has Siemens WinCC related default credentials set. SPDX-FileCopyrightText: 2015 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later...
Design/Logic Flaw
IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server aka Spectrum Protect for Databases 5.5 before 5.5.6.2, 6.3 before 6.3.1.6, 6.4 before 6.4.1.8, and 7.1 before 7.1.4; Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server aka Spectrum Prote...
CVE-2015-7404
CVE-2015-7404 affects IBM Tivoli Storage Manager products (Databases for SQL Server, Mail for Exchange, and FlashCopy Manager) when application tracing is enabled. The root issue is that the Change TSM Password operation (changetsmpassword) writes passwords in plaintext to application trace outpu...
CVE-2015-7404
IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server aka Spectrum Protect for Databases 5.5 before 5.5.6.2, 6.3 before 6.3.1.6, 6.4 before 6.4.1.8, and 7.1 before 7.1.4; Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server aka Spectrum Prote...
Multiple SQL Injection Vulnerabilities in Zend Framework MsSql and SQLite
Zend Framework is a set of open source PHP5 development framework , it is mainly used to develop Web programs and services . Multiple SQL injection vulnerabilities exist in Zend Framework MsSql and SQLite, allowing remote attackers to exploit the vulnerabilities to submit specially crafted SQL...
e-cology 时间盲注(hpid参数)
1、缺陷文件homepage/LoginHomepage.jsp 2、注入参数:hpid3、涉及厂商:泛微软件4、证明:sqlmap.py -u "http://localhost/homepage/LoginHomepage.jsp?hpid=52" --technique T --dbms "Microsoft SQL Server"...
MS SQL Server 20002005 - SQLNS.SQLNamespace COM Object Refresh() Unhandled Pointer
MS SQL Server 20002005 - SQLNS.SQLNamespace COM Object Refresh Unhandled Pointer % Function PaddingintLen Dim strRet, intSize intSize = intLen/2 - 1 For I = 0 To intSize Step 1 strRet = strRet & unescape"%u4141" Next Padding = strRet End Function Function PackDWORDstrPoint strTmp = replacestrPoin...
Multiple IBM Products Information Disclosure Vulnerabilities
IBM Tivoli Storage Manager TSM for Databases: Data Protection for Microsoft SQL Server is a product of IBM Corporation in the U.S. IBM TSM for Databases is a backup and recovery management solution for databases. IBM Tivoli Storage Manager for Mail is a software module that automates data...
CVE-2015-4949
IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server 7.1 before 7.1.2, Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server 7.1 before 7.1.2, and Tivoli Storage FlashCopy Manager 4.1 before 4.1.2 place cleartext passwords in exception...
Design/Logic Flaw
IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server 7.1 before 7.1.2, Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server 7.1 before 7.1.2, and Tivoli Storage FlashCopy Manager 4.1 before 4.1.2 place cleartext passwords in exception...
Design/Logic Flaw
IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server 5.5 before 5.5.6.1, 6.3 before 6.3.1.5, 6.4 before 6.4.1.7, and 7.1 before 7.1.2; Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server 5.5 before 5.5.1.1, 6.1 before 6.1.3.7, 6.3 before...
CVE-2015-6557
IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server 5.5 before 5.5.6.1, 6.3 before 6.3.1.5, 6.4 before 6.4.1.7, and 7.1 before 7.1.2; Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server 5.5 before 5.5.1.1, 6.1 before 6.1.3.7, 6.3 before...