exploit the possibilities
Showing 1 - 25 of 72 RSS Feed

Files from Sh2kerr

Email addressalexandr.polyakov at dsec.ru
First Active2007-10-23
Last Active2011-11-17
SAP NetWeaver CTC Authentication Bypass
Posted Nov 17, 2011
Authored by Sh2kerr

SAP NetWeaver suffers from an authentication bypass vulnerability in the CTC service.

tags | advisory, bypass
MD5 | 0e9a25141501eb510fb3d6363372cb2c
SAP NetWeaver SPML Cross Site Request Forgery
Posted Nov 17, 2011
Authored by Sh2kerr

The SAP NetWeaver SPML service suffers from a cross site request forgery vulnerability.

tags | advisory, csrf
MD5 | 1004099fbc4c63a617fa5a0c2e4ce23a
SAP NetWeaver BW Doc Cross Site Scripting
Posted Nov 17, 2011
Authored by Sh2kerr, Dmitriy Chastuchin

SAP NetWeaver BW DOC metadata suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e6d8a63e9acd6fdb67e93cf42a89e3c9
SAP NetWeaver MI 2 Information Disclosure
Posted Nov 17, 2011
Authored by Sh2kerr

SAP NetWeaver Mobile Engine suffers from an information disclosure vulnerability that discloses version and username information.

tags | advisory, info disclosure
MD5 | 0ac0ae7fe78bed62ae6ecd4196dbc314
SAP NetWeaver SLD Information Disclosure
Posted Jun 28, 2011
Authored by Sh2kerr

SAP NetWeaver suffers from a version information disclosure vulnerability.

tags | advisory, info disclosure
MD5 | bfc87e1f18f95004027e80a7ac8b338b
SAP GUI DLL Hijacking
Posted Mar 16, 2011
Authored by Sh2kerr, Alexey Sintsov

SAP Front End applications (SAPGui.exe) are vulnerable to DLL hijacking attacks allowing for remote code execution.

tags | advisory, remote, code execution
MD5 | 6b0a642a34a1ae77436a86bf00292bf2
SAP NetWeaver Runtime Cross Site Scripting
Posted Mar 16, 2011
Authored by Sh2kerr, Dmitriy Evdokimov

SAP NetWeaver Runtime suffers from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | 6a9d38c95a1896dc1d82be11d17d4e30
SAP NetWeaver Integration Directory Cross Site Scripting
Posted Mar 16, 2011
Authored by Sh2kerr, Dmitriy Evdokimov

Multiple cross site scripting vulnerabilities have been discovered in the SAP NetWeaver Integration Directory.

tags | advisory, vulnerability, xss
MD5 | f5b473f10905b44f7d5d074e43b8e1c1
SAP Crystal Reports 2008 Cross Site Scripting
Posted Mar 16, 2011
Authored by Sh2kerr, Dmitry Chastuhin

Multiple cross site scripting vulnerabilities have been discovered in the PerformanceManagement application module in SAP Crystal Reports Server 2008.

tags | exploit, vulnerability, xss
MD5 | f7537decf05bdd1215ff4a155efbc92f
Forgotten World - Corporate Business Application Systems
Posted Feb 18, 2011
Authored by Val Smith, Sh2kerr

Whitepaper called Forgotten World - Corporate Business Application Systems. This paper will describe some basic and advanced threats and attacks on Enterprise Business Applications – the core of many companies. Both the paper and Blackhat DC presentation are included in this archive.

tags | paper
systems | linux
MD5 | 749bcfc8f3e2ab51464f7114af8ae6c4
Oracle Document Capture 10.1.3.5 Insecure Method / Buffer Overflow
Posted Jan 26, 2011
Authored by Sh2kerr | Site dsecrg.com

Oracle Document Capture version 10.1.3.5 suffers from buffer overflow and insecure method vulnerabilities.

tags | exploit, overflow, vulnerability
advisories | CVE-2010-3599
MD5 | 04cf40e01fed4e26c9ebe8dd189911fd
Oracle Document Capture Actbar2.ocx Insecure Method
Posted Jan 25, 2011
Authored by Sh2kerr, Dmitriy Evdokimov | Site dsecrg.com

Oracle Document Capture suffers from an insecure method vulnerability in Actbar2.ocx.

tags | exploit
advisories | CVE-2010-3591
MD5 | ba1d122785f4d5dce748d6655bb4d13f
SAP Crystal Report Server 2008 Active-X Insecure Methods
Posted Jan 25, 2011
Authored by Sh2kerr, Dmitry Chastuhin | Site dsecrg.com

Insecure practices where found in the library scriptinghelpers.dll from SAP Crystal Report Server 2008. An attacker could construct a html-page containing a call insecure functions.

tags | advisory
MD5 | 623bb1539a1aec82e12acf85131793af
SAP Crystal Report Server 2008 Directory Traversal
Posted Jan 25, 2011
Authored by Sh2kerr, Dmitry Chastuhin | Site dsecrg.com

SAP Crystal Report Server 2008 suffers from a directory traversal vulnerability.

tags | exploit
MD5 | 930ece10d0170436bfc51a77bf22f2fa
SAP Crystal Report Server 2008 Cross Site Scripting
Posted Jan 25, 2011
Authored by Sh2kerr, Dmitry Chastuhin | Site dsecrg.com

SAP Crystal Report Server 2008 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6721adcf6316d6e202fd81c0e3c61b04
Progress OpenEdge Enterprise RDBMS 10.2A Bypass
Posted Jan 25, 2011
Authored by Sh2kerr, Alexey Sintsov, Alexey Troshichev | Site dsecrg.com

Progress OpenEdge Enterprise RDBMS version 10.2A has some vulnerabilities that make it possible to enumerate UserID and bypass authentication.

tags | advisory, vulnerability
MD5 | 76ffa9c759047ceaeb2141ffe42c5431
Oracle Document Capture empop3.dll Insecure Methods
Posted Jan 25, 2011
Authored by Sh2kerr, Dmitriy Evdokimov | Site dsecrg.com

Oracle Document Capture contains ActiveX components that contains insecure methods in empop3.dll.

tags | exploit, activex
advisories | CVE-2010-3591
MD5 | 127fba89a039c97588dd222074cafec0
Oracle Document Capture Insecure READ Method
Posted Jan 25, 2011
Authored by Sh2kerr, Alexey Sintsov | Site dsecrg.com

EasyMail ActiveX Control (emsmtp.dll) that included into Oracle Document Capture distrib can be used to read any file in target system. The vulnerable method is "ImportBodyText()".

tags | exploit, activex
advisories | CVE-2010-3595
MD5 | 2879def13c8d9eff941ac956ad0d6b85
SAP NetWeaver 7.0 Denial Of Service
Posted Nov 18, 2010
Authored by Sh2kerr | Site dsecrg.com

SAP NetWeaver version 7.0 suffers from a denial of service vulnerability in the Metamodel Repository.

tags | advisory, denial of service
MD5 | 564a62ab8dfd6f7891722c55238b0d62
SAP NetWeaver Administrator Panel ECC 6.0 Cross Site Scripting
Posted Nov 17, 2010
Authored by Sh2kerr, Alexey Troshichev | Site dsecrg.com

The SAP NetWeaver administrator panel from ECC version 6.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 3f5f3a29639152a4fcb16c07f1f5db4f
Oracle BPEL Console 10.1.3.3.0 Cross Site Scripting
Posted Oct 28, 2010
Authored by Sh2kerr | Site dsecrg.com

Oracle BPEL Console version 10.1.3.3.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2010-3581
MD5 | d4b0e75bfbffdb2ae1a457793c3f4e08
Oracle BI Publisher HTTP Response Splitting
Posted Oct 28, 2010
Authored by Sh2kerr | Site dsecrg.com

Oracle BI Publisher suffers from a HTTP response splitting vulnerability.

tags | exploit, web
MD5 | 91d3c190354d6032783de15d8392c521
SAP NetWeaver SLD 6.4 - 7.02 Cross Site Scripting
Posted Jul 23, 2010
Authored by Sh2kerr, Alexey Troshichev | Site dsecrg.com

SAP NetWeaver SLD versions 6.4 through 7.02 suffer from multiple cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
MD5 | 451abfbc0ef4b0e2a82befc9477d71d6
SAP Netweaver 6.4 - 7.0 Cross Site Scripting
Posted Jul 23, 2010
Authored by Sh2kerr | Site dsecrg.com

SAP Netweaver versions 6.4 through 7.0 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | d16c41273ad057de749869ddaaf86c49
Symantec Antivirus Client Proxy Buffer Overflow
Posted Feb 20, 2010
Authored by Sh2kerr | Site dsecrg.com

An Active-X component in CLIproxy.dll from Symantec Antivirus Client Proxy suffers from a buffer overflow vulnerability.

tags | advisory, overflow, activex
advisories | CVE-2010-0108
MD5 | 1f68c2a86a81e38c5322e4127c8446d8
Page 1 of 3
Back123Next

File Archive:

April 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    21 Files
  • 2
    Apr 2nd
    35 Files
  • 3
    Apr 3rd
    21 Files
  • 4
    Apr 4th
    16 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    1 Files
  • 7
    Apr 7th
    2 Files
  • 8
    Apr 8th
    23 Files
  • 9
    Apr 9th
    19 Files
  • 10
    Apr 10th
    15 Files
  • 11
    Apr 11th
    14 Files
  • 12
    Apr 12th
    11 Files
  • 13
    Apr 13th
    2 Files
  • 14
    Apr 14th
    5 Files
  • 15
    Apr 15th
    14 Files
  • 16
    Apr 16th
    19 Files
  • 17
    Apr 17th
    19 Files
  • 18
    Apr 18th
    8 Files
  • 19
    Apr 19th
    4 Files
  • 20
    Apr 20th
    5 Files
  • 21
    Apr 21st
    1 Files
  • 22
    Apr 22nd
    10 Files
  • 23
    Apr 23rd
    22 Files
  • 24
    Apr 24th
    11 Files
  • 25
    Apr 25th
    10 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close