exploit the possibilities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2015-09-29

SAP HANA Drop Credentials SQL Injection
Posted Sep 29, 2015
Authored by Nahuel Sanchez | Site onapsis.com

Onapsis Security Advisory - SAP HANA suffers from a Drop Credentials remote SQL injection vulnerability. By exploiting this vulnerability an attacker could modify system settings and delete credentials which could affect other users in the HANA system, engaging into a DoS attack.

tags | advisory, remote, sql injection
MD5 | a6402db475df87bf86651eba28bcfc30
SAP HANA getSqlTraceConfiguration SQL Injection
Posted Sep 29, 2015
Authored by Fernando Russ, Nahuel Sanchez | Site onapsis.com

Onapsis Security Advisory - SAP HANA suffers from a remote SQL injection vulnerability in getSqlTraceConfiguration function. By exploiting this vulnerability an attacker could read sensitive business information stored in the HANA system and change configuration parameters which could render the system unavailable for other users.

tags | advisory, remote, sql injection
MD5 | b20efa4c19f514ba212c26e4867acf3b
SAP HANA User Creation Cross Site Scripting
Posted Sep 29, 2015
Authored by Nahuel Sanchez | Site onapsis.com

Onapsis Security Advisory - SAP HANA suffers from a cross site scripting vulnerability during user creation. By exploiting this vulnerability a remote authenticated attacker would be able to attack other users connected to the HANA system.

tags | advisory, remote, xss
MD5 | b86e2ed0cc2b299df4a08b42a5822d83
SAP HANA Role Deletion Cross Site Scripting
Posted Sep 29, 2015
Authored by Nahuel Sanchez | Site onapsis.com

Onapsis Security Advisory - SAP HANA role deletion through web-based development workbench suffers from a cross site scripting vulnerability.

tags | advisory, web, xss
MD5 | c651aa147ccce1311dcfa1b7e63159b4
SAP HANA Trace Configuration SQL Injection
Posted Sep 29, 2015
Authored by Nahuel Sanchez | Site onapsis.com

Onapsis Security Advisory - SAP HANA suffers from a remote SQL injection vulnerability in the trace configuration. By exploiting this vulnerability an attacker could change configuration settings in the HANA system, affecting the integrity of the data stored and possibly turning the platform unavailable to other users.

tags | advisory, remote, sql injection
MD5 | 244a9eaacffd2aaf4635e6f0f3891656
SAP HANA setTraceLevelsForXsApps SQL Injection
Posted Sep 29, 2015
Authored by Pablo Artuso | Site onapsis.com

Onapsis Security Advisory - SAP HANA suffers from a remote SQL injection vulnerability in the setTraceLevelsForXsApps function. By exploiting this vulnerability an attacker could change configuration settings in the HANA system, affecting the integrity of the data stored and possibly turning the platform unavailable to other users, who won't be able to perform their assigned business operations.

tags | advisory, remote, sql injection
MD5 | 14b82dac7dd55d54893d48fa2d6fde05
SAP HANA test-net.xsjs Code Injection
Posted Sep 29, 2015
Authored by Nahuel D. Sanchez, Pablo Artuso | Site onapsis.com

Onapsis Security Advisory - SAP HANA suffers from an XSJS code injection vulnerability in test-net.xsjs. By exploiting this vulnerability a remote authenticated attacker would be able to partially compromise the SAP system as well as all the information processed and stored in the HANA system.

tags | advisory, remote
MD5 | 7f83f90bb6c3a098c918f18b05dd9086
SAP HANA _newUser SQL Injection
Posted Sep 29, 2015
Authored by Pablo Artuso | Site onapsis.com

Onapsis Security Advisory - The SAP HANA _newUser function suffers from a remote SQL injection vulnerability. By exploiting this vulnerability an attacker could modify information related to users of the HANA system, affecting the integrity of the data stored.

tags | advisory, remote, sql injection
MD5 | 71b3c20ed3cd319ebe768be9e155477f
SAP HANA _modifyUser SQL Injection
Posted Sep 29, 2015
Authored by Pablo Artuso | Site onapsis.com

Onapsis Security Advisory - The SAP HANA _modifyUser function suffers from a remote SQL injection vulnerability. By exploiting this vulnerability an attacker could modify information related to users of the HANA system, affecting the integrity of the data stored.

tags | advisory, remote, sql injection
MD5 | bb1b616558e9d5e27543b3423f7a5c91
SAP HANA hdbsql Memory Corruption
Posted Sep 29, 2015
Authored by Nahuel D. Sanchez | Site onapsis.com

Onapsis Security Advisory - SAP HANA hdbsql suffers from multiple memory corruption vulnerabilities. By exploiting this vulnerability an attacker could abuse of management interfaces to execute commands on the HANA system and ultimately compromise all the information stored and processed by the system.

tags | advisory, vulnerability
advisories | CVE-2015-6507
MD5 | d84bc960430406fcac7cb19e5e9fdeb2
Ubuntu Security Notice USN-2748-1
Posted Sep 29, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2748-1 - Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel. Lureau discovered that the vhost driver did not properly release the userspace provided log file descriptor. A privileged attacker could use this to cause a denial of service (resource exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-5697, CVE-2015-6252
MD5 | daf8e287eecb0fbf5eb1983d27bf2e98
Centreon 2.6.1 Persistent Cross Site Scripting
Posted Sep 29, 2015
Authored by LiquidWorm | Site zeroscience.mk

Centreon version 2.6.1 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
MD5 | 7223fef091e6e1bd899a9973ee3d8fb7
WordPress Appointment Booking Calendar 1.1.7 SQL Injection
Posted Sep 29, 2015
Authored by Iberia Medeiros

WordPress Appointment Booking Calendar plugin 1.1.7 suffers from a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
advisories | CVE-2015-7319
MD5 | ee9784f4a41ac9bbd2f26c95aadaad5f
PCMan FTP Server 2.0.7 Directory Traversal
Posted Sep 29, 2015
Authored by Jay Turla

PCMan FTP Server version 2.0.7 suffers from a directory traversal vulnerability.

tags | exploit
MD5 | 83f0216fbc7de361db8ed444168409ee
Vtiger CRM 6.3 Remote Code Execution
Posted Sep 29, 2015
Authored by Benjamin Daniel Mussler

Vtiger CRM versions 6.3 and below suffer from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2015-6000
MD5 | f902e3b97f48bf8fd6abab295f15fdad
Page 1 of 1
Back1Next

File Archive:

October 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    16 Files
  • 2
    Oct 2nd
    1 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    24 Files
  • 5
    Oct 5th
    24 Files
  • 6
    Oct 6th
    11 Files
  • 7
    Oct 7th
    14 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    1 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    7 Files
  • 12
    Oct 12th
    15 Files
  • 13
    Oct 13th
    26 Files
  • 14
    Oct 14th
    10 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    2 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    15 Files
  • 20
    Oct 20th
    20 Files
  • 21
    Oct 21st
    12 Files
  • 22
    Oct 22nd
    14 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close