Onapsis Security Advisory - SAP HANA suffers from a Drop Credentials remote SQL injection vulnerability. By exploiting this vulnerability an attacker could modify system settings and delete credentials which could affect other users in the HANA system, engaging into a DoS attack.
d444a5ba1af38fd63f1e5f5e68d842b9592909177de11dc45575d4678f9cd8c4Onapsis Security Advisory - SAP HANA suffers from a remote SQL injection vulnerability in getSqlTraceConfiguration function. By exploiting this vulnerability an attacker could read sensitive business information stored in the HANA system and change configuration parameters which could render the system unavailable for other users.
eb43d022e8fddd6eecbc5626bd6c632f0e9e075f3e94ea6552a956f95eaf9793Onapsis Security Advisory - SAP HANA suffers from a cross site scripting vulnerability during user creation. By exploiting this vulnerability a remote authenticated attacker would be able to attack other users connected to the HANA system.
093745f32867efd7e25fa4d1c9f8e459a0b267da21290b330cd5539db3fe4689Onapsis Security Advisory - SAP HANA role deletion through web-based development workbench suffers from a cross site scripting vulnerability.
6755cf7f8153415edfc191048e8bdf9b8ee3cf270ab9a887093629b129a6311cOnapsis Security Advisory - SAP HANA suffers from a remote SQL injection vulnerability in the trace configuration. By exploiting this vulnerability an attacker could change configuration settings in the HANA system, affecting the integrity of the data stored and possibly turning the platform unavailable to other users.
28e3ad290a4fc8f5f373142a21e20d0d46d3545bc5d3b66532fee4c38b603644Onapsis Security Advisory - SAP HANA suffers from a remote SQL injection vulnerability in the setTraceLevelsForXsApps function. By exploiting this vulnerability an attacker could change configuration settings in the HANA system, affecting the integrity of the data stored and possibly turning the platform unavailable to other users, who won't be able to perform their assigned business operations.
7869861a8cf7d5ac351d96a4bde8a820fc9cf69a49a6804cb69e0ab966bc97ceOnapsis Security Advisory - SAP HANA suffers from an XSJS code injection vulnerability in test-net.xsjs. By exploiting this vulnerability a remote authenticated attacker would be able to partially compromise the SAP system as well as all the information processed and stored in the HANA system.
536c2f5bd066d0dd00d1598734d6f710d8be3e982bbd78bef9d75361bc5754ebOnapsis Security Advisory - The SAP HANA _newUser function suffers from a remote SQL injection vulnerability. By exploiting this vulnerability an attacker could modify information related to users of the HANA system, affecting the integrity of the data stored.
f3b215fc645ed5adb73a39c5c8db51b7f63d88844aaeb6ee126baf1e0fc6ffdaOnapsis Security Advisory - The SAP HANA _modifyUser function suffers from a remote SQL injection vulnerability. By exploiting this vulnerability an attacker could modify information related to users of the HANA system, affecting the integrity of the data stored.
2bf8dc1f0018c72dd7928ea2e39a57b4c7a243e7a5cde3f12425bfe6876cac15Onapsis Security Advisory - SAP HANA hdbsql suffers from multiple memory corruption vulnerabilities. By exploiting this vulnerability an attacker could abuse of management interfaces to execute commands on the HANA system and ultimately compromise all the information stored and processed by the system.
368ce04e67548cdb573e6df82ff6477de56a2a3d247070855e42496c9c199e7fUbuntu Security Notice 2748-1 - Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel. Lureau discovered that the vhost driver did not properly release the userspace provided log file descriptor. A privileged attacker could use this to cause a denial of service (resource exhaustion). Various other issues were also addressed.
a2cb0cdd12c4fea85e65438f7d13ed3b0ec3c4d26d9c533db9f1fef52292c368Centreon version 2.6.1 suffers from a stored cross site scripting vulnerability.
6681b871f00d7c1d0d12d5de3f5e49d61b5ac631bdcefc4a0db93c3a54e96145WordPress Appointment Booking Calendar plugin 1.1.7 suffers from a remote SQL injection vulnerability.
a8b494d46b400d0eafca66c2e737a247a4a6f7318c9de23378bb5eb9311bfbd2PCMan FTP Server version 2.0.7 suffers from a directory traversal vulnerability.
e377ce572fb44bf79adeccd6d80f6e799f096b1c0279f26b2d558839516a13bdVtiger CRM versions 6.3 and below suffer from an authenticated remote code execution vulnerability.
96b388a6a1d5f8b1624567791aa9ea216d7831e2fe9b587518ffa4e13d1e477cCentreon version 2.6.1 suffers from a command injection vulnerability. The POST parameter 'persistant' which serves for making a new service run in the background is not properly sanitized before being used to execute commands. This can be exploited to inject and execute arbitrary shell commands as well as using cross site request forgery attacks.
de65336a8a68b4177f682854c6416feedbbf44c0a5ff31835c174e78d0ac4037IconLover version 5.4.5 suffers from a stack buffer overflow vulnerability.
96362c631d4c3b738ce245283544cd680aad9448b9f8b0b08fdb3b35d96e4555Photos in Wifi version 1.0.1 suffers from a remote shell upload vulnerability.
4a00b037a1dc3051f06630d1a90f45ed20afc5751a1f8f286020dfd2832f6a2bCentreon version 2.6.1 add administrator cross site request forgery exploit.
fb7aeb82618878ab24c9f5c4140479064eb157f08ed35e744bf8bc3096f3f188The latest version of the Vector.primitive length check in Flash 18,0,0,232 is not robust against memory corruptions such as heap overflows. While it is no longer possible to obviously bypass the length check there is still unguarded data in the object which could be corrupted to serve as a useful primitive.
8a4222c338a3d67f609ec341393b261bae85b7cd1930829eb76c347db90be962BisonWare BisonFTP version 3.5 suffers from a directory traversal vulnerability.
1575080d2288468ab9940c569c8d1809df7eea9a1a1378d054311901e42a6d5bThis Metasploit module exploits a SQL query functionality in ManageEngine EventLog Analyzer v10.6 build 10060 and previous versions. Every authenticated user, including the default "guest" account can execute SQL queries directly on the underlying Postgres database server. The queries are executed as the "postgres" user which has full privileges and thus is able to write files to disk. This way a JSP payload can be uploaded and executed with SYSTEM privileges on the web server. This Metasploit module has been tested successfully on ManageEngine EventLog Analyzer 10.0 (build 10003) over Windows 7 SP1.
883715a7f63b19f3be245204a59084b8ad642d1866b7fdd2c6b33080b2dcb675Proof of concept exploit code for the Linux Rowhammer DRAM privilege escalation vulnerability.
489f5aee79c282a129929f43e430e1183b4104c9deb7c71d43c23c88bca7a02cCentreon version 2.6.1 suffers from a remote shell upload vulnerability.
d6f7d3dc2b9d187d9f488cbf0e34984b389cdb34f36401b172e21e70df766956WordPress Appointment Booking Calendar plugin version 1.1.7 suffers from multiple cross site scripting vulnerabilities.
e41e23f354eb6f4f08e77c00b69191422177ba4009cf99f1480256bf86d9069a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed