SAP Netweaver suffers from a remote ADBC SQL injection vulnerability in IUUC_RECON_RC_COUNT_TABLE_BIG. Other software and various versions are also affected.
>> CATEGORY: exploit
SAP Netweaver versions SAP DMIS in at least 2011_1_731 SP versions 0013 and below suffer from a remote ABAP code injection vulnerability in IUUC_GENERATE_ACPLAN_DELIMITER.
SAP Netweaver version SAP DMIS 2011_1_731 SP 0013 suffers from a remote ABAP code injection vulnerability in IUUC_RECON_RC_COUNT_TABLE_BIG.
Fully independent log4j exploit that does not require any 3rd party binaries. The exploit sprays the payload to all possible logged HTTP Headers such as X-Forwarding, Server-IP, User-Agent.
Log4j remote code execution exploit with a trick to bypass words blocking patches. Works on Log4j versions 2.14.1 and below.
log4j-scan is fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts. It supports fuzzing for more than 60 HTTP request headers, JSON data parameters, and HTTP POST Data…
Apache Log4j2 versions 2.14.1 and below information disclosure exploit.
Booked Scheduler version 2.75 authenticated remote shell upload exploit.
AbanteCart e-commerce platform versions prior to 1.3.2 suffer from cross site scripting and file upload vulnerabilities.