mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 15:15:46 +02:00
0xMarcio
1.3 KiB
1.3 KiB
CVE-2016-2386
Description
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079.
POC
Reference
- http://packetstormsecurity.com/files/137129/SAP-NetWeaver-AS-JAVA-7.5-SQL-Injection.html
- http://seclists.org/fulldisclosure/2016/May/56
- https://erpscan.io/advisories/erpscan-16-011-sap-netweaver-7-4-sql-injection-vulnerability/
- https://github.com/vah13/SAP_exploit
- https://www.exploit-db.com/exploits/39840/
- https://www.exploit-db.com/exploits/43495/
Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/lnick2023/nicenice
- https://github.com/murataydemir/CVE-2016-2386
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/vah13/SAP_exploit
- https://github.com/xbl3/awesome-cve-poc_qazbnm456