Whitepaper on MySQL Injection.
3b118779a00f06479c87f90b6938ddf6MySQL User-Defined (Linux) x32 / x86_64 sys_exec function local privilege escalation exploit.
6836b2b8653660838622bcc3b783c738MySQL Edit Table version 1.0 suffers from a remote SQL injection vulnerability.
19c3b4630111dd4e32c4693e85b43bd9MySQL Smart Reports version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
1deb436274ece79190d4578f0b25e4abMySQL Blob Uploader version 1.7 suffers from cross site scripting and remote SQL injection vulnerabilities.
0df31f3773a11ec980d7bbd206341fd6MySQL Squid Access Report version 2.1.4 suffers from cross site scripting and remote SQL injection vulnerabilities.
57dcbbb92acfac828907d96c7d9bebeeWhitepaper called MySQL UDF Exploitation.
274e9471a6448b9f3cf177b0869dd261This Metasploit module creates and enables a custom UDF (user defined function) on the target host via the SELECT ... into DUMPFILE method of binary injection. On default Microsoft Windows installations of MySQL versions 5.5.9 and below, directory write permissions not enforced, and the MySQL service runs as LocalSystem. NOTE: This Metasploit module will leave a payload executable on the target system when the attack is finished, as well as the UDF DLL, and will define or redefine sys_eval() and sys_exec() functions.
bcf3d2156b2ec4dfa9eb9e73784fb039MySQL G0ld is a program that issues brute force attacks against a MySQL Server using a supplied wordlist.
e0087db2fc7abccc98bd40d8d96cf170MySQL versions 5.6.35 and below and 5.7.17 and below suffer from an integer overflow vulnerability.
b75b270cdc0e95780d2eb0566b2c31c7MySQL File Uploader version 1.0 suffers from a remote SQL injection vulnerability.
2b578f3df732e92d1d7b03346ac69305This is a paper that discussing MySQL OOB hacking techniques under Windows.
f927be9e4e0c76f1ea9267c22544c206MySQL-based databases including MySQL, MariaDB and PerconaDB are affected by a privilege escalation vulnerability which can let attackers who have gained access to mysql system user to further escalate their privileges to root user allowing them to fully compromise the system. The vulnerability stems from unsafe file handling of error logs and other files.
73b41ab8c5b59bd8889f73c2538d4f62MySQL versions 5.7.15 and below, 5.6.33 and below, and 5.5.52 and below suffer from remote root code execution and privilege escalation vulnerabilities.
a33bd7f960992093ff0e37dd88d8076fMySQL version 5.5.45 64-bit suffers from a local credential disclosure vulnerability.
2812e4f1438b6f0e24edeecbd7ca8889MySQL versions 5.7.12 and below suffer from integer overflow, buffer overflow, memory corruption, and format string vulnerabilities.
9ff046aa258bd477bb9020f04cba4c41MySQL Procedure Analyse denial of service exploit that affects versions up to 5.5.45.
1a85e20529f00c83a924fa4025add3b4MySQL version 5.6.24 suffers from multiple buffer overflow vulnerabilities.
7ef3230eff96f619204c48a4405001d3This paper discusses an overflow in the DOUBLE data type in MySQL.
6719c22c4e76623f9156b543969a0c83This Metasploit module takes advantage of a file privilege misconfiguration problem specifically against Windows MySQL servers. This Metasploit module abuses the FILE privilege to write a payload to Microsoft's All Users Start Up directory which will execute every time a user logs in. The default All Users Start Up directory used by the module is Windows 7 friendly.
01b957cce66f751708896b6c29334a0fMySQL version 5.0.x suffers from an IF query handling remote denial of service vulnerability.
ccdb986362621ab28a3aa95d51452078This Metasploit modules takes advantage of a file privilege misconfiguration problem specifically against Windows MySQL servers (due to the use of a .mof file). This may result in arbitrary code execution under the context of SYSTEM. However, please note in order to use this module, you must have a valid MySQL account on the target machine.
b018f0d01c159599ccc86e730647c227Oracle MySQL suffers from a user enumeration vulnerability. This is a utility that demonstrates the issue.
1f1d8075312eddb4eecfd8556cb24014Oracle MySQL on Windows remote exploit that leverages file privileges to obtain a SYSTEM shell.
c27279dbaad2797c961cf10a218675eeOracle MySQL version 5.5.19-log on SuSE Linux suffers from a denial of service vulnerability.
42dabfd0d259adacd6ed7bb25e70ee3fOracle MySQL on Linux suffers from a vulnerability that allows an attacker to add a new admin user.
a021c33c9e1f8d6bf9f971fdab61fac2
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed