CVEs-PoC/2017/CVE-2017-6550.md at 2d745dea058dce4b2f2b4b0b4da10f1e24d40b3e

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-31 10:09:29 +02:00

Files

T

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

Description

Multiple SQL injection vulnerabilities in Kinsey Infor-Lawson (formerly ESBUS) allow remote attackers to execute arbitrary SQL commands via the (1) TABLE parameter to esbus/servlet/GetSQLData or (2) QUERY parameter to KK_LS9ReportingPortal/GetData.

POC

Reference

http://packetstormsecurity.com/files/141575/Kinseys-Infor-Lawson-SQL-Injection.html
http://seclists.org/fulldisclosure/2017/Mar/31
https://www.exploit-db.com/exploits/41577/

Github

https://github.com/ARPSyndicate/cvemon

852 B Raw Blame History

CVE-2017-6550

Description

POC

Reference

Github

852 B

Raw Blame History