Lucene search
K

66 matches found

seebug.org
seebug.org
added 2015/01/06 12:0 a.m.27 views

某政府系统一处越权+一处SQL注入

简要描述: RT 详细说明: 山东农友软件公司官网:http://www.nongyou.com.cn/ 越权案例如下: http://221.2.149.47:8100/jubao/left.aspx http://222.135.109.70:8100/jubao/left.aspx http://123.134.189.60:8012/jubao/left.aspx http://218.56.40.229:8020/jubao/left.aspx http://222.135.127.190:7000/jubao/left.aspx 2.一处越权注入:...

7.7AI score
Exploits0
securityvulns
securityvulns
added 2014/10/16 12:0 a.m.88 views

Lime Survey 2-05+ Multiple Vulnerabilities

Lime Survey Multiple Vulnerabilities ======================================================================= ADVISORY INFORMATION Title: Lime Survey Multiple Vulnerabilities Discovery date: 02/07/2014 Release date: 03/07/2014 Vendor Homepage: www.limesurvey.org Version: Lime Survey 2.05+ Build...

Exploits0
0day.today
0day.today
added 2014/09/21 12:0 a.m.34 views

ClassApps SelectSurvey.net - Multiple SQL Injection Vulnerabilities

Exploit for php platform in category web applications Exploit Title: Multiple SQL Injection Vulnerabilities in SelectSurvey.net Google Dork: intitle:SelectSurvey Date: Sep 03 2014 Vendor Homepage: https://www.classapps.com/ Software Link: https://www.classapps.com/SelectSurveyNETOverview.asp...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2014/09/20 12:0 a.m.21 views

ClassApps SelectSurvey.net - Multiple SQL Injections

ClassApps SelectSurvey.net - Multiple SQL Injections Exploit Title: Multiple SQL Injection Vulnerabilities in SelectSurvey.net Google Dork: intitle:SelectSurvey Date: Sep 03 2014 Vendor Homepage: https://www.classapps.com/ Software Link: https://www.classapps.com/SelectSurveyNETOverview.asp...

0.3AI score
Exploits0
OpenVAS
OpenVAS
added 2014/08/13 12:0 a.m.116 views

Microsoft SQL Server Elevation of Privilege Vulnerability (2984340)

This host is missing an important security update according to Microsoft Bulletin MS14-044. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

6.8CVSS5AI score0.26499EPSS
Exploits0References3
0day.today
0day.today
added 2014/07/08 12:0 a.m.31 views

Lime Survey 2.05+ Build 140618 XSS / SQL Injection Vulnerabilities

Lime Survey version 2.05+ Build 140618 suffers from cross site scripting and remote SQL injection vulnerabilities. Title: Lime Survey Multiple Vulnerabilities Discovery date: 02/07/2014 Release date: 03/07/2014 Vendor Homepage: www.limesurvey.org Version: Lime Survey 2.05+ Build 140618 Tested wit...

7.9AI score
Exploits0
0day.today
0day.today
added 2014/07/06 12:0 a.m.37 views

LimeSurvey 2.05+ Multiple Vulnerabilities

ADVISORY INFORMATION Title: Lime Survey Multiple Vulnerabilities Discovery date: 02/07/2014 Release date: 03/07/2014 Vendor Homepage: www.limesurvey.org Version: Lime Survey 2.05+ Build 140618 Tested with: MS SQL Server 2008 Credits: Giuseppe D'Amore...

8AI score
Exploits0
seebug.org
seebug.org
added 2014/06/26 12:0 a.m.26 views

用友软件股份有限公司流通与零售行业事业部POST注射

简要描述: 用友软件分站流通与零售行业事业部某处出现POST注射, SA权限。只发现问题,不深入,不作恶。 详细说明: http://soft-sk.yonyou.com/service/jszc.jsp URL asktypeid=---注射点---&enddate=JyI%3d&prikey=1&startdate=01/01/1967&Submit=%b2%e9%d1%af POST数据 漏洞证明: web application technology: JSP back-end DBMS: Microsoft SQL Server 2008 current user: 'sa'...

7.5AI score
Exploits0
seebug.org
seebug.org
added 2014/06/04 12:0 a.m.32 views

用友某通用系统sql注入

简要描述: 用友某通用系统注入 详细说明: 用友TurboCRM存在通用sql注入 http://www.qinyuancrm.com/login/forgetpswd.php?orgcode=1&loginname=dsdfsfds loginname参数存在mssql timebased盲注 Place: GET Parameter: loginname Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries Payload: orgcode=1&loginname=dsdfsfds';...

7.6AI score
Exploits0
Kitploit
Kitploit
added 2014/03/02 9:13 p.m.34 views

[Responder] a LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server

Responder is a LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. This tool is first an LLMNR and NBT-NS responder, it will answer to specific NBT-NS NetBIOS Name...

7.9AI score
Exploits0References3
Veeam
Veeam
added 2012/05/28 12:0 a.m.13 views

High CPU Utilization for Veeam ONE SQL Database

Challenge When using the included Microsoft SQL Server Express Edition instance to host the Veeam ONE database, a portion of the total CPU cores available to the system have a disproportionality high CPU utilization. Cause This behavior is caused by the "Maximum compute capacity used by a single...

7.1AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2012/04/10 12:0 a.m.183 views

CVE-2012-0158

The 1 ListView, 2 ListView2, 3 TreeView, and 4 TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1...

9.3CVSS7.5AI score0.99966EPSS
In wildExploits12References14
OpenVAS
OpenVAS
added 2011/06/21 12:0 a.m.129 views

Microsoft XML Editor Information Disclosure Vulnerability (2543893)

This host is missing an important security update according to Microsoft Bulletin MS11-049. OpenVAS Vulnerability Test $Id: secpodms11-049.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft XML Editor Information Disclosure Vulnerability 2543893 Authors: Antu Sanadi Copyright: Copyright c 2011 SecPod...

4.3CVSS6.4AI score0.15254EPSS
Exploits1References2
Cvelist
Cvelist
added 2011/06/16 8:21 p.m.29 views

CVE-2011-1280

The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server 2005 SP3 and SP4 and 2008 SP1, SP2, and R2; SQL Server Management Studio Express SSMSE 2005; and Visual Studio 2005 SP1, 2008 SP1, and 2010 does not properly handle external entities, which allows remote attackers to read arbitrar...

6.9AI score0.15254EPSS
Exploits1References7
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.13 views

SQL Server 2008

SQL Server 2008...

1.2AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.21 views

Microsoft SQL Server 2008 Service Pack 3 (KB2546951)

SQL Server 2008 Service Pack 3 upgrades all builds of SQL Server 2008 and the components installed by SQL Server 2008 setup. The service pack may be applied to all editions of SQL Server 2008 and can upgrade any instances of SQL Server 2008 resident in your local system. If additional installatio...

2.5AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.69 views

Security Update for SQL Server 2008 R2 Service Pack 3 CU (KB4057113)

Security issues have been identified in the SQL Server 2008 R2 Service Pack 3 CU that could allow an attacker to compromise your system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your...

3AI score
Exploits0
Microsoft KB
Microsoft KB
added 1970/01/01 12:0 a.m.40 views

Security update 1970-01-01

...

5.3AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.20 views

Security Update for SQL Server 2008 Service Pack 3 (KB3045303)

A security issue has been identified in the SQL Server 2008 Service Pack 3 that could allow an attacker to compromise your system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your comput...

3.3AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.35 views

Security Update for SQL Server 2008 R2 Service Pack 2 (KB3045313)

A security issue has been identified in the SQL Server 2008 R2 Service Pack 2 that could allow an attacker to compromise your system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your...

3.3AI score
Exploits0
Rows per page
Query Builder