4427 matches found
BMC Track-It! - Multiple Vulnerabilities
No description provided by source. Multiple critical vulnerabilities in BMC Track-It! Discovered by Pedro Ribeiro [email protected], Agile Information Security ================================================================================= The application exposes several .NET remoting services o...
BMC / Numara Track-It! Domain Administrator and SQL Server User Password Disclosure
This module exploits an unauthenticated configuration retrieval .NET remoting service in Numara / BMC Track-It! v9 to v11.X, which can be abused to retrieve the Domain Administrator and the SQL server user credentials. This module has been tested successfully on versions 11.3.0.355, 10.0.51.135,...
ClassApps SelectSurvey.net - Multiple SQL Injection Vulnerabilities
No description provided by source. Exploit Title: Multiple SQL Injection Vulnerabilities in SelectSurvey.net Google Dork: intitle:SelectSurvey Date: Sep 03 2014 Vendor Homepage: https://www.classapps.com/ Software Link: https://www.classapps.com/SelectSurveyNETOverview.asp Version: 4.124.004 Test...
Microsoft SQL Server Escalate Db_Owner
This module can be used to escalate privileges to sysadmin if the user has the dbowner role in a trustworthy database owned by a sysadmin user. Once the user has the sysadmin role the msssqlpayload module can be used to obtain a shell on the system. This module requires Metasploit:...
万户OA 无条件sql注入
简要描述: sql注入,您要跑出数据证明,那我就给你跑出数据的图,说了 延时注入时间较慢.不知道为什么 您不信呢. 详细说明: 问题处在WorkflowCommonAction acton 参数没有过滤 漏洞证明: -u "http://119.254.81.197:7001/defaultroot/WorkflowCommonAction.do?curActivityId=1&flag=back" --dbms="Microsoft SQL Server" --dbs...
某学校综合管理平台OAsql注入漏洞(影响大量学校)
简要描述: 前台走一走 详细说明: 问题厂商:上海安脉计算机科技有限公司 谷歌百度:版权所有:上海安脉计算机科技有限公司 大量学校使用该系统 管理平台没发现漏洞,但是这套系统附带一套oa系统 /anmai/oa/adduser.aspx 在密码出现sql注入 只能手工不好利用 但是 这有个用户修改 只需添加参数id /anmai/oa/adduser.aspx?id=1 (id存在注入) 以该公司demo为例 http://www.anmai.net/anmai/oa/adduser.aspx?id=1 Place: GET Parameter: id Type: error-based...
ClassApps SelectSurvey.net - Multiple SQL Injection Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Multiple SQL Injection Vulnerabilities in SelectSurvey.net Google Dork: intitle:SelectSurvey Date: Sep 03 2014 Vendor Homepage: https://www.classapps.com/ Software Link: https://www.classapps.com/SelectSurveyNETOverview.asp...
ClassApps SelectSurvey.net - Multiple SQL Injections
Exploit Title: Multiple SQL Injection Vulnerabilities in SelectSurvey.net Google Dork: intitle:SelectSurvey Date: Sep 03 2014 Vendor Homepage: https://www.classapps.com/ Software Link: https://www.classapps.com/SelectSurveyNETOverview.asp Version: 4.124.004 Tested on: Windows 2008 R2/SQL Server...
ClassApps SelectSurvey.net - Multiple SQL Injections
ClassApps SelectSurvey.net - Multiple SQL Injections Exploit Title: Multiple SQL Injection Vulnerabilities in SelectSurvey.net Google Dork: intitle:SelectSurvey Date: Sep 03 2014 Vendor Homepage: https://www.classapps.com/ Software Link: https://www.classapps.com/SelectSurveyNETOverview.asp...
ClassApps SelectSurvey.net 4.124.004 SQL Injection
Details ========== Software: ClassApps SelectSurvey.net Description: Multiple SQL Injection Vulnerabilities Version: 4.124.004 Homepage: https://www.classapps.com/SelectSurveyNETOverview.asp Vendor Fix: 4.125.002 CVE: 2014-6030 Timeline ========== Aug 28 2014 - Vendor Notified Aug 28 2014 - CVE...
万户网络 无条件SQL注入
简要描述: 详细说明: 验证地址: -u "http://222.178.221.54:7001/defaultroot/GovDocumentDossierAction.do?id=1&flag=sendFile" --dbms="Microsoft SQL Server" 存在漏洞地址: http://119.254.81.197:7001 http://61.191.17.216:7001 http://219.136.247.248:7001/ http://222.178.221.54:7001 漏洞证明: 由于是 延时盲注 数据出来较慢 我就不截图了,您可以自己验证下。...
Microsoft SQL Server multiple security vulnerabilities
XSS, stack overrun...
Kesion网校培训系统注入漏洞
简要描述: rt。 详细说明: kesion网校平台,商业收费版,不提供下载。 demo站点:http://e.kesion.com 注册登陆,http://e.kesion.com/user/course/MyCourseOrder.aspx,我的订单,3个框框都无过滤,可注入: 课程名称处search型注入:test%' and @@version0 and '%'=' SQL server 2000 起止时间也可以注入。 最新版应该是2.6,老版本的还有一处注入: 官网的一个案例:http://www.weekedu.com/...
Microsoft SQL Server Elevation of Privilege Vulnerability (2984340)
This host is missing an important security update according to Microsoft Bulletin MS14-044. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2014-4061
Microsoft SQL Server 2008 SP3, 2008 R2 SP2, and 2012 SP1 does not properly control use of stack memory for processing of T-SQL batch commands, which allows remote authenticated users to cause a denial of service daemon hang via a crafted T-SQL statement, aka "Microsoft SQL Server Stack Overrun...
CVE-2014-1820
Cross-site scripting XSS vulnerability in Master Data Services MDS in Microsoft SQL Server 2012 SP1 and 2014 on 64-bit platforms allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "SQL Master Data Services XSS Vulnerability."...
Stack overflow
Microsoft SQL Server 2008 SP3, 2008 R2 SP2, and 2012 SP1 does not properly control use of stack memory for processing of T-SQL batch commands, which allows remote authenticated users to cause a denial of service daemon hang via a crafted T-SQL statement, aka "Microsoft SQL Server Stack Overrun...
Cross site scripting
Cross-site scripting XSS vulnerability in Master Data Services MDS in Microsoft SQL Server 2012 SP1 and 2014 on 64-bit platforms allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "SQL Master Data Services XSS Vulnerability."...
CVE-2014-1820
Cross-site scripting XSS vulnerability in Master Data Services MDS in Microsoft SQL Server 2012 SP1 and 2014 on 64-bit platforms allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "SQL Master Data Services XSS Vulnerability."...
CVE-2014-1820
CVE-2014-1820 describes a cross-site scripting (XSS) vulnerability in Microsoft SQL Server's Master Data Services (MDS). Affected products/versions are SQL Server 2012 SP1 and SQL Server 2014 running on 64-bit platforms, where a crafted URL can cause the MDS web interface to execute arbitrary scr...