Showing 1 - 9 of 9

Files from Alexey Tyurin

First Active	2011-11-17
Last Active	2018-01-28

Oracle WebLogic wls-wsat Component Deserialization Remote Code Execution: Posted Jan 28, 2018; Authored by Alexey Tyurin, Federico Dotta, Kevin Kirsche, Luffin | Site metasploit.com; The Oracle WebLogic WLS WSAT component is vulnerable to an XML deserialization remote code execution vulnerability. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0.; tags | exploit, remote, code execution; advisories | CVE-2017-10271; SHA-256 | 4ec37da27b4c2bc377cee005689b9de7e837a03542a60ce1130758c857cb9228; Download | Favorite | View

SAP Hybris E-commerce Suite 5.1.0.3 Hard-Coded Password: Posted Aug 16, 2016; Authored by Alexey Tyurin; SAP Hybris E-commerce Suite version 5.1.0.3 suffers from a hard-coded password vulnerability.; tags | advisory; SHA-256 | daf8b4bbd6787dc3c0a7457e078026f3ad9872c0941ce5b13a4f85401240fa99; Download | Favorite | View

Oracle E-Business Suite 12.1.3 XXE Injection: Posted Oct 29, 2015; Authored by Alexey Tyurin, Ivan Chalykin, Nikita Kelesis; Oracle E-Business Suite version 12.1.3 suffers from an XXE injection vulnerability in the /OA_HTML/oramipp_lpr servlet.; tags | advisory, xxe; advisories | CVE-2015-4851; SHA-256 | de8ff071f7c958b91bd1cfd996007fd7b0ecb3dec217f9ae5e66e3d96ad27826; Download | Favorite | View

Oracle E-Business Suite 12.1.3 XXE Injection: Posted Oct 29, 2015; Authored by Alexey Tyurin, Ivan Chalykin, Nikita Kelesis; Oracle E-Business Suite version 12.1.3 suffers from an XXE injection vulnerability in the /OA_HTML/IspPunchInServlet servlet.; tags | advisory, xxe; advisories | CVE-2015-4849; SHA-256 | 6fb7e76643fd36ba0f6358346bf6ca64dbdedb6d5bcb98f6fd505aead1f86292; Download | Favorite | View

Oracle E-Business Suite 12.1.3 XXE Injection: Posted Oct 29, 2015; Authored by Alexey Tyurin, Ivan Chalykin, Nikita Kelesis; Oracle E-Business Suite version 12.1.3 suffers from an XXE injection vulnerability in the /OA_HTML/copxml servlet.; tags | advisory, xxe; advisories | CVE-2015-4886; SHA-256 | 64f773023ff0e889e6870ab0b5f1dc0367b44615f3ae94952e1f839c93009706; Download | Favorite | View

Oracle E-Business Suite 12.1.4 Cross Site Scripting: Posted Oct 27, 2015; Authored by Alexey Tyurin, Ivan Chalykin, Nikita Kelesis; Oracle E-Business Suite suffers from a cross site scripting vulnerability. Version 12.1.4 is affected.; tags | advisory, xss; advisories | CVE-2015-4854; SHA-256 | 330164019ca36985ae57a2a7d3254a6caf05cc6e3de339d6d2d0609cb18a4c10; Download | Favorite | View

Oracle E-Business Suite 12.1.3 / 12.1.4 SQL Injection: Posted Oct 27, 2015; Authored by Alexey Tyurin, Ivan Chalykin, Egor Karbutov, Nikita Kelesis; Oracle E-Business Suite suffers from a remote SQL injection vulnerability. Versions 12.1.3 and 12.1.4 are affected.; tags | advisory, remote, sql injection; advisories | CVE-2015-4846; SHA-256 | bed7d6cdc8769e52a8aa6079d2197b1a4a13e686111b6e01d1e0c62a2b41c50d; Download | Favorite | View

Oracle E-Business Suite 12.2.4 Database User Enumeration: Posted Oct 27, 2015; Authored by Alexey Tyurin, Ivan Chalykin, Egor Karbutov, Nikita Kelesis; There is a script in EBS that is used to connect to the database and displays the connection status. Different connection results can help an attacker to find existing database accounts. Version 12.2.4 is affected.; tags | advisory; advisories | CVE-2015-4845; SHA-256 | 1aa0dba66e594f4a17c1c25ee299403e80adb017253f58e948040cbe8038ad7f; Download | Favorite | View

SAP NetWeaver TH_GREP Command Execution: Posted Nov 17, 2011; Authored by Alexey Tyurin; SAP NetWeaver suffers from a command execution vulnerability in the TH_GREP report.; tags | advisory; SHA-256 | c3dfd70888d86b64249ce6ffaa7d8426a73697ec5490a405e2af35c4743d2370; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days