Security Advisory - Two Buffer Overflow Vulnerabilities in the GaussDB

GaussDB has a buffer overflow vulnerability. An authenticated, remote attacker could use a specially crafted string in an SQL query to cause the database to crash, or lead to privilege escalation. Vulnerability ID: HWPSIRT-2017-05016 This vulnerability has been assigned a Common Vulnerabilities a...

InsightVM/Nexpose Patch Tuesday Reporting

Many of our customers wish to report specifically on Microsoft patch related vulnerabilities. This often includes specific vulnerabilities that are patched in Patch Tuesday updates. This post will show you the various ways that you can create reports for each of these. Remediation Projects...

Joomla! v3. 7 SQL injection high-risk vulnerability is a technical analysis of CVE-2017-8917-a vulnerability warning-the black bar safety net

comfields components loopholes, comfields Assembly is in 3. 7 version Added, if you use this version, will be affected and should be updated soon. This component publicly accessible, which means that any be able to access your site the user can initiate the attack. Vulnerability details ! From th...

Huiwen opac of the library back door leads to the source of the leak

0x00 description Hui Wen libsys library opac system is a colleges and universities to use more of the system, the user has Xiamen University, Nanjing University, Dalian Polytechnic University, Nankai University and many other schools. The system used is Oracle + the php, not from public contact t...

TYPO3 CMS news management module SQL injection vulnerability

The News module, the 20th most used module of TYPO3, is subject to an SQL injection vulnerability. Although the author has been contacted numerous times in the span of 4 months, no fix has been provided. We are therefore releasing the details. Also, it should be noted that the vulnerability is on...

CVE-2016-8940

IBM Tivoli Storage Manager IBM Spectrum Protect 6.1, 6.2, 6.3, and 7.1 does not perform sufficient authority checking on SQL queries. As a result, an attacker is able to submit SQL queries that access database tables that are not intended for access or use by administrators. The access of these...

IBM Spectrum Protect Server 7.1.1.0 - 7.1.7.0 SELECT Command RCE

IBM Spectrum Protect, formerly known as Tivoli Storage Manager, installed on the remote host is version 7.1.1.0 through 7.1.7.0. It is, therefore, affected by a buffer overflow condition when handling the SELECT command in a SQL query due to improper validation of input. An authenticated, remote...

Buffer overflow

IBM Tivoli Storage Manager Server 7.1 could allow an authenticated user with TSM administrator privileges to cause a buffer overflow using a specially crafted SQL query and execute arbitrary code on the server. IBM Reference : 1998747...

CVE-2016-8998

IBM Tivoli Storage Manager Server 7.1 could allow an authenticated user with TSM administrator privileges to cause a buffer overflow using a specially crafted SQL query and execute arbitrary code on the server. IBM Reference : 1998747...

CVE-2016-8998

IBM Tivoli Storage Manager Server 7.1 could allow an authenticated user with TSM administrator privileges to cause a buffer overflow using a specially crafted SQL query and execute arbitrary code on the server. IBM Reference : 1998747...

Sql injection

An issue was discovered in dotCMS through 3.6.1. The findChildrenByFilter function which is called by the web accessible path /categoriesServlet performs string interpolation and direct SQL query execution. SQL quote escaping and a keyword blacklist were implemented in a new class, SQLUtil...

Schoolhos CMS 2.29 - Remote Code Execution SQL Injection

Schoolhos CMS 2.29 - Remote Code Execution SQL Injection \x0d\x0a-----------------------------26518470919255\x0d\x0a\x0d\x0a' \ 'http://HOST/PATH/elearningku/proses.php?pilih=guru&untukdi=upload'...

Alienvault OSSIM/USM 5.3.1 - SQL Injection Vulnerability

Exploit for php platform in category web applications Details ======= Product: Alienvault OSSIM/USM Vulnerability: SQL Injection Author: Peter Lapp, lappsec gmail com CVE: CVE-2016-8582 Vulnerable Versions: =5.3.1 Fixed Version: 5.3.2 Vulnerability Details ===================== A SQL injection...

CVE-2016-8582

A vulnerability exists in gauge.php of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to execute an arbitrary SQL query and retrieve database information or read local system files via MySQL's LOADFILE...

Design/Logic Flaw

A vulnerability exists in gauge.php of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to execute an arbitrary SQL query and retrieve database information or read local system files via MySQL's LOADFILE...

CVE-2016-8582

A vulnerability exists in gauge.php of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to execute an arbitrary SQL query and retrieve database information or read local system files via MySQL's LOADFILE...

Microsoft SQL Server 2014 12.0.x.x < 12.0.2381.0 Multiple Vulnerabilities (2977316)

Binary data 9705.prm...

Microsoft SQL Server 2008 10.00.x.x < 10.00.5869.00 Multiple Vulnerabilities (2984340)

Binary data 9702.prm...

Microsoft SQL Server 2012 11.0.x.x < 11.0.3460.0 Multiple Vulnerabilities (2977325)

Binary data 9704.prm...

Student Information System (SIS) 0.1 - Authentication Bypass

Student Information System SIS 0.1 - Authentication Bypass Exploit Title............... Student Information System SIS Auth Bypass Google Dork................. N/A Date........................ 14/10/2016 Exploit Author.............. lahilote Vendor Homepage...