what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from Mohammad Shah Bin Mohammad Esa

Oracle Financial Services Analytical Applications 7.3.5.x / 8.0.x XXE Injection / XSS

Posted Jan 24, 2018

Authored by Samandeep Singh, Mohammad Shah Bin Mohammad Esa | Site sec-consult.com

Oracle Financial Services Analytical Applications versions 7.3.5.x and 8.0.x suffer from XML external entity injection and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, xxe

advisories | CVE-2018-2660, CVE-2018-2661

SHA-256 | 596ba7a1bde4935da9df89c58e1d05d2e8ba24cba2ef3cb2156029511e53d6b4

Download | Favorite | View

IBM Infosphere Information Server / Datastage 11.5 Command Execution / Bypass

Posted Sep 15, 2017

Authored by Samandeep Singh, Goh Zhi Hao, Mohammad Shah Bin Mohammad Esa | Site sec-consult.com

IBM Infosphere Information Server / Datastage versions 9.1, 11.3, and 11.5 (including Cloud version 11.5) suffer from bypass, XML external entity injection, DLL side loading, and various other vulnerabilities.

tags | exploit, vulnerability, xxe

advisories | CVE-2017-1383, CVE-2017-1467, CVE-2017-1468, CVE-2017-1495

SHA-256 | ea53053471a3eeb44443432b6095afa188583cf9617704a2e1f792491a59b12a

Download | Favorite | View