what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files

OracleBI Discoverer 10.1.2.48.18 Cross Site Scripting
Posted Dec 12, 2012
Authored by Ur0b0r0x

OracleBI Discoverer version 10.1.2.48.18 suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
SHA-256 | c58ffd83bc1d7695546e8dcb6e1cb866aa14898088f3a34b7212334f210fd971

Related Files

Oracle Business Intelligence Enterprise Edition 5.5.0.0.0 / 12.2.1.3.0 / 12.2.1.4.0 LFI
Posted Oct 28, 2020
Authored by Ivo Palazzolo

Oracle Business Intelligence Enterprise Edition versions 5.5.0.0.0, 12.2.1.3.0, and 12.2.1.4.0 suffer from local file inclusion and directory traversal vulnerabilities.

tags | exploit, local, vulnerability, file inclusion
advisories | CVE-2020-14864
SHA-256 | 1ce61cfa5df4fb1911183bd9133f8dd66643cf0945794e668ec5c2a5cb8333b5
Oracle Business Intelligence Directory Traversal
Posted Apr 19, 2019
Authored by Vahagn Vardanyan

Oracle Business Intelligence versions 11.1.1.9.0, 12.2.1.3.0, and 12.2.1.4.0 suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2019-2588
SHA-256 | f889cbd6c0762b5cfc93403140f5bfc082892ff8d1316d040347fcd83fa1cd66
Oracle Business Intelligence And XML Publisher XML Injection
Posted Apr 19, 2019
Authored by Vahagn Vardanyan

Oracle Business Intelligence and XML Publisher versions 11.1.1.9.0, 12.2.1.3.0, and 12.2.1.4.0 suffer from an XML external entity injection vulnerability.

tags | exploit
advisories | CVE-2019-2616
SHA-256 | 9b1f96ce9d58e2ce9fb86e9dd9bfab292f9c8681bcc090841c3e665ed7a0c12c
Oracle Discoverer Viewer BI Open Redirect
Posted Apr 27, 2016
Authored by Vulnerability Laboratory, Tommy DeVoss | Site vulnerability-lab.com

Oracle Discoverer Viewer BI suffered from an open redirection vulnerability.

tags | exploit
SHA-256 | e23c0a5e2dc5af6727a12408ff49391c3f3651447979dec521f61fe2e285dff3
D-Link Devices UPnP SOAP Telnetd Command Execution
Posted Sep 17, 2013
Authored by Michael Messner, juan vazquez | Site metasploit.com

Various D-Link Routers are vulnerable to OS command injection in the UPnP SOAP interface. This Metasploit module has been tested successfully on DIR-300, DIR-600, DIR-645, DIR-845 and DIR-865. According to the vulnerability discoverer, more D-Link devices may be affected.

tags | exploit
advisories | OSVDB-94924
SHA-256 | 52a628392ec5ee753541865f4aca6952fbf591c9999c1f65fb1b299552915715
D-Link Devices Unauthenticated Remote Command Execution
Posted Aug 9, 2013
Authored by Michael Messner, juan vazquez | Site metasploit.com

Different D-Link Routers are vulnerable to OS command injection via the web interface. The vulnerability exists in command.php, which is accessible without authentication. This Metasploit module has been tested with the versions DIR-600 2.14b01, DIR-300 rev B 2.13. Two target are included, the first one starts a telnetd service and establish a session over it, the second one runs commands via the CMD target. There is no wget or tftp client to upload an elf backdoor easily. According to the vulnerability discoverer, more D-Link devices may affected.

tags | exploit, web, php
advisories | OSVDB-89861
SHA-256 | 8a06110527ae3c72725545cc043ee9d4ea6e4d06ff5b64679ba754e17db95b66
D-Link Devices Unauthenticated Remote Command Execution
Posted Aug 8, 2013
Authored by Michael Messner, juan vazquez | Site metasploit.com

Different D-Link Routers are vulnerable to OS command injection via the web interface. The vulnerability exists in tools_vct.xgi, which is accessible with credentials. This Metasploit module has been tested with the versions DIR-300 rev A v1.05 and DIR-615 rev D v4.13. Two target are included, the first one starts a telnetd service and establish a session over it, the second one runs commands via the CMD target. There is no wget or tftp client to upload an elf backdoor easily. According to the vulnerability discoverer, more D-Link devices may affected.

tags | exploit, web
advisories | OSVDB-92698
SHA-256 | 9d58ec6df990b7786634d5c2bda806a6512ca58a1d498965975b3ba04c0ab5c4
D-Link Devices UPnP SOAP Command Execution
Posted Jul 23, 2013
Authored by Michael Messner, juan vazquez | Site metasploit.com

Different D-Link Routers are vulnerable to OS command injection in the UPnP SOAP interface. Since it is a blind OS command injection vulnerability, there is no output for the executed command when using the CMD target. Additionally, two targets are included, to start a telnetd service and establish a session over it, or deploy a native mipsel payload. This Metasploit module has been tested successfully on DIR-300, DIR-600, DIR-645, DIR-845 and DIR-865. According to the vulnerability discoverer, more D-Link devices may affected.

tags | exploit
advisories | OSVDB-94924
SHA-256 | 01d435ac6d062114f47621077e0eb7f0d7eaf8b4b14cc6838696243a3e34377f
Secunia Security Advisory 42994
Posted Jan 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle Discoverer, which can be exploited by malicious users to disclose sensitive information and manipulate certain data.

tags | advisory
SHA-256 | 1c27c5a312d0757a59167cba26906dd488afdede90b617c900544b5648d9a00c
oracle-tns.txt
Posted Apr 19, 2007
Authored by Alexander Kornbrust | Site red-database-security.com

The Oracle Discoverer Servlet suffers from a flaw that allows for the TNS listener to be shutdown.

tags | advisory
SHA-256 | 6cd2e4a0b0c557d28f86cc4b2adb74c3a579002df62bea34f5fb4e09d883e8bd
Page 1 of 1
Back1Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    8 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close