@regis-samurai/n8n (>=0.216.1 <=0.219.1), n8n-nodes-accelo (>=0.1.0 <=0.1.9) +11 more potentially affected by unknown CVE via n8n (>=0.138.0 <=0.93.0)

n8n NPM version =0.138.0, =0.216.1, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =1.1.3 Source cves: unknown CVE Source advisory: OSV:GHSA-VJF3-2GPJ-233V...

@regis-samurai/n8n (>=0.216.1 <=0.219.1), n8n-nodes-accelo (>=0.1.0 <=0.1.9) +11 more potentially affected by CVE-2026-27494 via n8n (>=0.138.0 <=0.93.0)

n8n NPM version =0.138.0, =0.216.1, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =1.1.3 Source cves: CVE-2026-27494 Source advisory: OSV:GHSA-MMGG-M5J7-F83H...

Oracle DB SQL Injection Via SYS.LT.ROLLBACKWORKSPACE

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.LT.ROLLBACKWORKSPACE', 'Description' = %q This module exploits a sql injection flaw in the ROLLBACKWORKSPACE...

Oracle DB 10gR2, 11gR1/R2 DBMS_JVM_EXP_PERMS OS Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB 10gR2, 11gR1/R2 DBMSJVMEXPPERMS OS Command Execution', 'Description' = %q This module exploits a flaw 0 day in DBMSJVMEXPPERMS package...

Oracle DB SQL Injection Via SYS.DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.DBMSCDCSUBSCRIBE.ACTIVATESUBSCRIPTION', 'Description' = %q This module will escalate an Oracle DB user to DBA by...

Oracle DB SQL Injection Via SYS.DBMS_METADATA.OPEN

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.DBMSMETADATA.OPEN', 'Description' = %q This module will escalate a Oracle DB user to DBA by exploiting an sql...

Oracle DB SQL Injection Via SYS.DBMS_METADATA.GET_XML

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.DBMSMETADATA.GETXML', 'Description' = %q This module will escalate an Oracle DB user to DBA by exploiting a sql...

Oracle DB SQL Injection In MDSYS.SDO_TOPO_DROP_FTBL Trigger

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection in MDSYS.SDOTOPODROPFTBL Trigger', 'Description' = %q This module will escalate an Oracle DB user to MDSYS by exploiting ...

Oracle DB Compliance Checks

Binary data oracledbcompliancecheck.nbin...

Oracle Instant Recovery fails with "Database is online. Failed to restore database files."

Challenge Instant Recovery of an Oracle DB with version 12.1-12.2 fails with the following error show in the console: Database is online. Failed to restore database files. Copy Veeam Log Example C:\ProgramData\Veeam\Backup\ExplorerStandByService\Logs\VEOR\InstantRecovery\session.log SSH output 3:...

U.S. Dept Of Defense: Followup - SQL Injection - https://██████████/██████/MSI.portal

Summary: Time based blind sql injection for parameter MSIadditionalFilterType1, at the following URL: https://███/███/MSI.portal?nfpb=true&pageLabel=msiportalpage61 Description: This is a follow up to a previous report I submitted: https://hackerone.com/reports/674838 The following page has a for...

Subex ROC Fraud Management System 7.4 SQL Injection Vulnerability

Subex ROC Fraud Management System version 7.4 suffers from a remote unauthenticated time-based blind SQL injection vulnerability. ======================================================================================= Subex ROC Fraud Management System v7.4 - Unauthenticated Blind-Time Based SQL...

Oracle DB SQL Injection via SYS.DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION

This module will escalate an Oracle DB user to DBA by exploiting a sql injection bug in the SYS.DBMSCDCSUBSCRIBE.ACTIVATESUBSCRIPTION package/function. This vulnerability affects to Oracle Database Server 9i up to 9.2.0.5 and 10g up to 10.1.0.4. This module requires Metasploit:...

India's leading IT companies TCS (Tata Consultancy Services) & Tech Mahindra is also not Secure !

India's leading IT companies TCS Tata Consultancy Services & Tech Mahindra is also not Secure ! Here are some proofs submitted to THN : The Hacker News by a Indian hacker - THEDREAMBOY , as shown below , which can easily prove that , YES ! India's leading IT companies TCS Tata Consultancy Service...

Oracle DB SQL Injection via SYS.DBMS_CDC_PUBLISH.CREATE_CHANGE_SET

The module exploits an sql injection flaw in the CREATECHANGESET procedure of the PL/SQL package DBMSCDCPUBLISH. Any user with execute privilege on the vulnerable package can exploit this vulnerability. By default, users granted EXECUTECATALOGROLE have the required privilege. This module requires...

Oracle DB SQL Injection in MDSYS.SDO_TOPO_DROP_FTBL Trigger

This module will escalate an Oracle DB user to MDSYS by exploiting a sql injection bug in the MDSYS.SDOTOPODROPFTBL trigger. After that exploit escalate user to DBA using "CREATE ANY TRIGGER" privilege given to MDSYS user by creating evil trigger in system scheme 2-stage attack. This module...

Oracle DB SQL Injection via DBMS_EXPORT_EXTENSION

This module will escalate an Oracle DB user to DBA by exploiting a sql injection bug in the DBMSEXPORTEXTENSION.GETDOMAININDEXMETADATA package. Note: This module has been tested against 9i, 10gR1 and 10gR2. This module requires Metasploit: https://metasploit.com/download Current source:...

Oracle DB 11g R1/R2 DBMS_JVM_EXP_PERMS OS Code Execution

This module exploits a flaw 0 day in DBMSJVMEXPPERMS package that allows any user with create session privilege to grant themselves java IO privileges. Identified by David Litchfield. Works on 11g R1 and R2 Windows only. This module requires Metasploit: https://metasploit.com/download Current...

Oracle DB SQL Injection via SYS.LT.MERGEWORKSPACE

This module exploits a sql injection flaw in the MERGEWORKSPACE procedure of the PL/SQL package SYS.LT. Any user with execute privilege on the vulnerable package can exploit this vulnerability. This module requires Metasploit: https://metasploit.com/download Current source:...

Oracle DB SQL Injection via SYS.DBMS_METADATA.OPEN

This module will escalate a Oracle DB user to DBA by exploiting an sql injection bug in the SYS.DBMSMETADATA.OPEN package/function. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL...