Password Cracker: Databases

This module uses John the Ripper or Hashcat to identify weak passwords that have been acquired from the mssqlhashdump, mysqlhashdump, postgreshashdump, or oraclehashdump modules. Passwords that have been successfully cracked are then saved as proper credentials. Due to the complexity of some of t...

PostgreSQL COPY FROM PROGRAM Command Execution

Installations running Postgres 9.3 and above have functionality which allows for the superuser and users with 'pgexecuteserverprogram' to pipe to and from an external program using COPY. This allows arbitrary command execution as though you have console access. This module attempts to create a ne...

GHSA-9C2P-JW8P-F84V SQL Injection in sequelize

Affected versions of sequelize cast arrays to strings and fail to properly escape the resulting SQL statement, resulting in a SQL injection vulnerability. Proof of Concept In Postgres, SQLite, and Microsoft SQL Server there is an issue where arrays are treated as strings and improperly escaped...

SQL Injection in sequelize

Affected versions of sequelize cast arrays to strings and fail to properly escape the resulting SQL statement, resulting in a SQL injection vulnerability. Proof of Concept In Postgres, SQLite, and Microsoft SQL Server there is an issue where arrays are treated as strings and improperly escaped...

RATELIMITED: Information Disclosure PHPpgAdmin

PHPpgAdmin is a piece of script which allows system administrators to manage their Postgres databases easily from a webUI. We had forgotten to limit access to this script, resulting in the ability for a brute-force attack to happen...

CVE-2018-15441

A vulnerability in the web framework code of Cisco Prime License Manager PLM could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation of user-supplied input in SQL queries. An attacker could exploit this vulnerabilit...

Security update for python-Django (moderate)

This update for python-Django to version 2.08 fixes the following issues: The following security vulnerability was fixed: - CVE-2018-14574: Fixed an redirection vulnerability in CommonMiddleware boo1102680 The following other bugs were fixed: - Fixed a regression in Django 2.0.7 that broke the...

CVE-2016-7070

A privilege escalation flaw was found in the Ansible Tower. When Tower before 3.0.3 deploys a PostgreSQL database, it incorrectly configures the trust level of postgres user. An attacker could use this vulnerability to gain admin level access to the database...

openSUSE Security Update : python-Django (openSUSE-2018-914)

This update for python-Django to version 2.08 fixes the following issues : The following security vulnerability was fixed : - CVE-2018-14574: Fixed an redirection vulnerability in CommonMiddleware boo1102680 The following other bugs were fixed : - Fixed a regression in Django 2.0.7 that broke the...

postgresql: Certain host connection parameters defeat client-side security defenses

A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq were used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side...

@arpinum/postgres (>=4.0.0-beta12 <=4.0.0-beta14), appointmed-epr-template-common (>=0.0.46 <=0.0.65) +9 more potentially affected by CVE-2017-16082 via pg (>=6.2.2 <=6.2.3)

pg NPM version =6.2.2, =4.0.0-beta12, =0.0.46, =0.0.35, =0.13.3, =0.0.1, =0.0.1, =1.0.0, =1.0.3 - pg-promise-strict =0.3.4 - pgo =0.2.1 Source cves: CVE-2017-16082 Source advisory: OSV:GHSA-WC9V-MJ63-M9G5...

@emartech/me-psql-query-builder (>=1.0.0 <=1.1.0), @evocodes/parse-server (>=2.2.17 <=2.2.27) +50 more potentially affected by CVE-2017-16082 via pg (>=5.0.0 <=5.1.0)

pg NPM version =5.0.0, =1.0.0, =2.2.17, =0.9.28, =1.0.0, =0.4.0, =0.1.0, =0.0.2, =0.1.3, =0.2.30, =0.2.33 and more Source cves: CVE-2017-16082 Source advisory: OSV:GHSA-WC9V-MJ63-M9G5...

@keyv/postgres (>=1.0.7 <=1.0.9), keyv-postgres (>=1.0.5 <=1.0.6) +2 more potentially affected by CVE-2017-16082 via pg (>=7.1.0 <=7.1.1)

pg NPM version =7.1.0, =1.0.7, =1.0.5, =0.0.1, =0.0.3 Source cves: CVE-2017-16082 Source advisory: OSV:GHSA-WC9V-MJ63-M9G5...

@aliens-lyon.fr/ep_mypads (=1.7.24), @arpinum/postgres (>=1.0.0-beta <=4.0.0-beta11) +56 more potentially affected by CVE-2017-16082 via pg (>=6.1.0 <=6.1.5)

pg NPM version =6.1.0, =1.0.0-beta, =1.0.2, =0.0.1, =0.0.23, =0.1.1, =0.1.1, =0.0.2, =0.0.9, =1.6.5, =0.2.7, =1.0.2, =1.0.3 and more Source cves: CVE-2017-16082 Source advisory: OSV:GHSA-WC9V-MJ63-M9G5...

@starboard/models (>=2.0.0 <=3.0.1), @starboard/shared-backend (=3.0.0) +25 more potentially affected by CVE-2017-16082 via pg (>=6.0.0 <=6.0.4)

pg NPM version =6.0.0, =2.0.0, =0.6.0, =0.0.1, =1.0.0, =0.2.0, =0.1.0, =2.0.2, =1.3.1, =0.0.1, =0.0.4, =0.1.0, =0.3.3 and more Source cves: CVE-2017-16082 Source advisory: OSV:GHSA-WC9V-MJ63-M9G5...

Msploitego - Pentesting Suite For Maltego Based On Data In A Metasploit Database

msploitego leverages the data gathered in a Metasploit database by enumerating and creating specific entities for services. Services like samba, smtp, snmp, http have transforms to enumerate even further. Entities can either be loaded from a Metasploit XML file or taken directly from the Postgres...

CVE-2016-10554

sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. Before version 1.7.0-alpha3, sequelize defaulted SQLite to use MySQL backslash escaping, even though SQLite uses Postgres escapin...

CVE-2016-10554

sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. Before version 1.7.0-alpha3, sequelize defaulted SQLite to use MySQL backslash escaping, even though SQLite uses Postgres escapin...

CVE-2016-10553

sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. A fix was pushed out that fixed potential SQL injection in sequelize 2.1.3 and earlier...

CVE-2016-10553

sequelize is an Object-relational mapping, or a middleman to convert things from Postgres, MySQL, MariaDB, SQLite and Microsoft SQL Server into usable data for NodeJS. A fix was pushed out that fixed potential SQL injection in sequelize 2.1.3 and earlier...