inurl:apspassword

• SHDB
• 2350 views

• 日期：2019-01-09
• 类别：
  • Files Containing Juicy Info
• 作者：FlyingFrog
• 语法：inurl:apspassword

• AUTHOR: FlyingFrog
  Twitter: @ItsKarl0z

  ++ SAP Crystal report access ++

  inurl:apspassword
  - open SAP crystal databases to browse
  - Possible SQL Injection
  - Sensitive information
  - Possible Cross-Site Scripting
      - https://www.exploit-db.com/exploits/32882
  - Possible Directory Traversal
      - https://www.exploit-db.com/exploits/16054
  - 48 results at the time of writing

  DISCLAIMER:
  (The vulnerabilities are suggestions, none of them have been tested by me,
  always request permission before testing anything on someone else system)
  Credit goes to the boys of Rapid7