Showing 1 - 3 of 3

Files from Tanya Secker

First Active	2012-04-12
Last Active	2014-02-11

Tableau Server Blind SQL Injection: Posted Feb 11, 2014; Authored by Tanya Secker | Site trustwave.com; Tableau server suffers from a remote blind SQL injection vulnerability. Versions 8.1.X before 8.1.2 and 8.0.X before 8.0.7 are affected.; tags | exploit, remote, sql injection; advisories | CVE-2014-1204; SHA-256 | ebf6b43d894838fe1a6ca916802d8cfcb730ad9a2026321cedbb90facb145ccd; Download | Favorite | View

Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential: Posted Aug 8, 2012; Authored by sinn3r, Mario Ceballos, Jonathan Claudius, Tanya Secker | Site metasploit.com; This exploits an insecure config found in Scrutinizer NetFlow & sFlow Analyzer. By default, the software installs a default password in MySQL, and binds the service to "0.0.0.0". This allows any remote user to login to MySQL, and then gain arbitrary remote code execution under the context of 'SYSTEM'. Examples of default credentials include: 'scrutinizer:admin', and 'scrutremote:admin'.; tags | exploit, remote, arbitrary, code execution; advisories | CVE-2012-3951, OSVDB-84317; SHA-256 | 61e06a2fa99c7125dcd2af5faeafdcb8556b0880070d66206fa0180b420ee612; Download | Favorite | View

Scrutinizer 8.6.2 Bypass / Cross Site Scripting / SQL Injection: Posted Apr 12, 2012; Authored by Tanya Secker | Site trustwave.com; Scrutinizer NetFlow and sFlow Analyzer version 8.6.2 suffers from authentication bypass, cross site scripting, and remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection; advisories | CVE-2012-1258, CVE-2012-1259, CVE-2012-1260, CVE-2012-1261; SHA-256 | 86781806a8d76416882371c450d483f0f4d9a6334ea56d9463f55a227d424643; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days