53 matches found
CVE-2015-4160
SQL injection vulnerability in SAP ASE Database Platform allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Notes: 2152278...
Sql injection
SQL injection vulnerability in SAP ASE Database Platform allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Notes: 2152278...
CVE-2015-4160
SQL injection vulnerability in SAP ASE Database Platform allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Notes: 2152278...
CVE-2015-4159
SQL injection vulnerability in SAP HANA Web-based Development Workbench allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Notes 2153892...
CVE-2015-4159
The CVE-2015-4159 entry concerns SAP HANA Web-based Development Workbench with an SQL injection vulnerability. The affected component is the Web-based Development Workbench in SAP HANA, where remote attackers can submit specially crafted SQL commands to manipulate or obtain data. The root cause i...
[CORE-2015-0009] - SAP LZC/LZH Compression Multiple Vulnerabilities
Advisory Information Title: SAP LZC/LZH Compression Multiple Vulnerabilities Advisory ID: CORE-2015-0009 Advisory URL: http://www.coresecurity.com/advisories/sap-lzc-lzh-compression-multiple-vulnerabilities Date published: 2015-05-12 Date of last update: 2015-05-12 Vendors contacted: SAP Release...
SAP LZC/LZH Compression Multiple Vulnerabilities
Advisory ID Internal CORE-2015-0009 1. Advisory Information Title: SAP LZC/LZH Compression Multiple Vulnerabilities Advisory ID: CORE-2015-0009 Advisory URL:https://www.coresecurity.com/core-labs/advisories/sap-lzc-lzh-compression-multiple-vulnerabilities Date published: 2015-05-12 Date of last...
Nearly 95% of SAP Systems Vulnerable to Hackers
More than 95 percent of enterprise SAP installations exposed to high-severity vulnerabilities that could allow attackers to hijack a company's business data and processes, new research claims entirely. According to a new assessment released by SAP short for Systems, Applications & Products...
SAP NetWeaver HostControl Command Injection
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
SAP NetWeaver Portal XMLValidationComponent - XXE
Application: SAP NetWeaver Portal Versions Affected: SAP NetWeaver Portal 7.31.201109172004 Vendor URL: http://www.sap.com Bugs: XML External Entity Reported: 06.11.2014 Vendor response: 07.11.2014 Date of Public Advisory: 15.02.2015 Reference: SAP Security Note 2093966 Authors: Vahagn Vardanyan...
FLDS 1.2a - 'lpro.php' SQL Injection
Free Links Directory Script id SQL Injection Vulnerability Author: nuclear site: http://flds-script.com vuln: http://localhost/path/lpro.php?id=-1 UNION SELECT 1,concatusername,0x3a,password,3,4,5,6,7,8,9,10,11 from users demo:...
SAP Web Dynpro Java (BC-WD-JAV) Vulnerability
COMPASS SECURITY ADVISORY http://www.csnc.ch/ Product: NetWeaver, Web Dynpro Java BC-WD-JAV Vendor: SAP Subject: Multiple XSS, HTML Injection Risk: Medium Effect: Remotely exploitable Author: Cyrill Brunschwiler [email protected] Date: June, 17th 2007 Introduction: ------------- Compass...
Several Things about IE bugs
Several Things about IE bugs: 1st, i coded a stable demo of 1stCleanRc: http://www.safecenter.net/UMBRELLAWEBV4/1stCleanRc/1stCleanRc-Xp/index.html some anti-Virus firewall tools may detect this exploit as a virus, but most of these tools will fail if the exploit files are changed.malware also...