14 matches found
EUVD-2014-2436
Malware in sbrugna...
EUVD-2013-3697
Malware in sbrugna...
Apache Log4j CVE-2017-5645 Remote Code Execution Vulnerability
Description Apache Log4j is prone to remote code-execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. Apache Log4j 2.0-alpha1 through 2.8.1 ar...
Oracle Endeca Server Remote Command Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
CVE-2014-2399
Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 2.2.2 allows remote attackers to affect integrity via unknown vectors related to Oracle Endeca Information Discovery Formerly Latitude, a different vulnerability than CVE-2014-2400...
Oracle Endeca Server createDataStore method command execution
Added: 09/04/2013 CVE: CVE-2013-3763 BID: 61217 OSVDB: 95269 Background Oracle Endeca Server is a hybrid search-analytical database. Problem A vulnerability in the controlSoapBinding service allows remote attackers to execute arbitrary commands by sending a request for the createDataStore method...
Oracle Endeca Server createDataStore method command execution
Added: 09/04/2013 CVE: CVE-2013-3763 BID: 61217 OSVDB: 95269 Background Oracle Endeca Server is a hybrid search-analytical database. Problem A vulnerability in the controlSoapBinding service allows remote attackers to execute arbitrary commands by sending a request for the createDataStore method...
Oracle Endeca Server createDataStore method command execution
Added: 09/04/2013 CVE: CVE-2013-3763 BID: 61217 OSVDB: 95269 Background Oracle Endeca Server is a hybrid search-analytical database. Problem A vulnerability in the controlSoapBinding service allows remote attackers to execute arbitrary commands by sending a request for the createDataStore method...
Oracle Endeca Server createDataStore method command execution
Added: 09/04/2013 CVE: CVE-2013-3763 BID: 61217 OSVDB: 95269 Background Oracle Endeca Server is a hybrid search-analytical database. Problem A vulnerability in the controlSoapBinding service allows remote attackers to execute arbitrary commands by sending a request for the createDataStore method...
Oracle Endeca Server - Remote Command Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Oracle Endeca Server Remote Command...
Oracle Endeca Server Remote Command Execution Vulnerability
This Metasploit module exploits a command injection vulnerability on the Oracle Endeca Server 7.4.0. The vulnerability exists on the createDataStore method from the controlSoapBinding web service. The vulnerable method only exists on the 7.4.0 branch and isn't available on the 7.5.5.1 branch. On...
Oracle Endeca Server Remote Command Execution
This module exploits a command injection vulnerability on the Oracle Endeca Server 7.4.0. The vulnerability exists on the createDataStore method from the controlSoapBinding web service. The vulnerable method only exists on the 7.4.0 branch and isn't available on the 7.5.5.1 branch. In addition, t...
Oracle Endeca Server createDataStore SOAP Request Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Endeca Server. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of requests to the controlSoapBinding web service. This service exposes...
Oracle Endeca Server attachDataStore SOAP Request Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Endeca Server. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of requests to the controlSoapBinding web service. This service exposes...