66 matches found
某政府系统一处越权+一处SQL注入
简要描述: RT 详细说明: 山东农友软件公司官网:http://www.nongyou.com.cn/ 越权案例如下: http://221.2.149.47:8100/jubao/left.aspx http://222.135.109.70:8100/jubao/left.aspx http://123.134.189.60:8012/jubao/left.aspx http://218.56.40.229:8020/jubao/left.aspx http://222.135.127.190:7000/jubao/left.aspx 2.一处越权注入:...
Lime Survey 2-05+ Multiple Vulnerabilities
Lime Survey Multiple Vulnerabilities ======================================================================= ADVISORY INFORMATION Title: Lime Survey Multiple Vulnerabilities Discovery date: 02/07/2014 Release date: 03/07/2014 Vendor Homepage: www.limesurvey.org Version: Lime Survey 2.05+ Build...
ClassApps SelectSurvey.net - Multiple SQL Injection Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Multiple SQL Injection Vulnerabilities in SelectSurvey.net Google Dork: intitle:SelectSurvey Date: Sep 03 2014 Vendor Homepage: https://www.classapps.com/ Software Link: https://www.classapps.com/SelectSurveyNETOverview.asp...
ClassApps SelectSurvey.net - Multiple SQL Injections
ClassApps SelectSurvey.net - Multiple SQL Injections Exploit Title: Multiple SQL Injection Vulnerabilities in SelectSurvey.net Google Dork: intitle:SelectSurvey Date: Sep 03 2014 Vendor Homepage: https://www.classapps.com/ Software Link: https://www.classapps.com/SelectSurveyNETOverview.asp...
Microsoft SQL Server Elevation of Privilege Vulnerability (2984340)
This host is missing an important security update according to Microsoft Bulletin MS14-044. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Lime Survey 2.05+ Build 140618 XSS / SQL Injection Vulnerabilities
Lime Survey version 2.05+ Build 140618 suffers from cross site scripting and remote SQL injection vulnerabilities. Title: Lime Survey Multiple Vulnerabilities Discovery date: 02/07/2014 Release date: 03/07/2014 Vendor Homepage: www.limesurvey.org Version: Lime Survey 2.05+ Build 140618 Tested wit...
LimeSurvey 2.05+ Multiple Vulnerabilities
ADVISORY INFORMATION Title: Lime Survey Multiple Vulnerabilities Discovery date: 02/07/2014 Release date: 03/07/2014 Vendor Homepage: www.limesurvey.org Version: Lime Survey 2.05+ Build 140618 Tested with: MS SQL Server 2008 Credits: Giuseppe D'Amore...
用友软件股份有限公司流通与零售行业事业部POST注射
简要描述: 用友软件分站流通与零售行业事业部某处出现POST注射, SA权限。只发现问题,不深入,不作恶。 详细说明: http://soft-sk.yonyou.com/service/jszc.jsp URL asktypeid=---注射点---&enddate=JyI%3d&prikey=1&startdate=01/01/1967&Submit=%b2%e9%d1%af POST数据 漏洞证明: web application technology: JSP back-end DBMS: Microsoft SQL Server 2008 current user: 'sa'...
用友某通用系统sql注入
简要描述: 用友某通用系统注入 详细说明: 用友TurboCRM存在通用sql注入 http://www.qinyuancrm.com/login/forgetpswd.php?orgcode=1&loginname=dsdfsfds loginname参数存在mssql timebased盲注 Place: GET Parameter: loginname Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries Payload: orgcode=1&loginname=dsdfsfds';...
[Responder] a LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server
Responder is a LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. This tool is first an LLMNR and NBT-NS responder, it will answer to specific NBT-NS NetBIOS Name...
High CPU Utilization for Veeam ONE SQL Database
Challenge When using the included Microsoft SQL Server Express Edition instance to host the Veeam ONE database, a portion of the total CPU cores available to the system have a disproportionality high CPU utilization. Cause This behavior is caused by the "Maximum compute capacity used by a single...
CVE-2012-0158
The 1 ListView, 2 ListView2, 3 TreeView, and 4 TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1...
Microsoft XML Editor Information Disclosure Vulnerability (2543893)
This host is missing an important security update according to Microsoft Bulletin MS11-049. OpenVAS Vulnerability Test $Id: secpodms11-049.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft XML Editor Information Disclosure Vulnerability 2543893 Authors: Antu Sanadi Copyright: Copyright c 2011 SecPod...
CVE-2011-1280
The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server 2005 SP3 and SP4 and 2008 SP1, SP2, and R2; SQL Server Management Studio Express SSMSE 2005; and Visual Studio 2005 SP1, 2008 SP1, and 2010 does not properly handle external entities, which allows remote attackers to read arbitrar...
SQL Server 2008
SQL Server 2008...
Microsoft SQL Server 2008 Service Pack 3 (KB2546951)
SQL Server 2008 Service Pack 3 upgrades all builds of SQL Server 2008 and the components installed by SQL Server 2008 setup. The service pack may be applied to all editions of SQL Server 2008 and can upgrade any instances of SQL Server 2008 resident in your local system. If additional installatio...
Security Update for SQL Server 2008 R2 Service Pack 3 CU (KB4057113)
Security issues have been identified in the SQL Server 2008 R2 Service Pack 3 CU that could allow an attacker to compromise your system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your...
Security update 1970-01-01
...
Security Update for SQL Server 2008 Service Pack 3 (KB3045303)
A security issue has been identified in the SQL Server 2008 Service Pack 3 that could allow an attacker to compromise your system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your comput...
Security Update for SQL Server 2008 R2 Service Pack 2 (KB3045313)
A security issue has been identified in the SQL Server 2008 R2 Service Pack 2 that could allow an attacker to compromise your system and gain control over it. You can help protect your computer by installing this update from Microsoft. After you install this item, you may have to restart your...