inurl:apspassword

  • 日期:2019-01-09
  • 类别:
  • 作者:FlyingFrog
  • 语法:inurl:apspassword

  • AUTHOR: FlyingFrog
    Twitter: @ItsKarl0z

    ++ SAP Crystal report access ++

    inurl:apspassword
    - open SAP crystal databases to browse
    - Possible SQL Injection
    - Sensitive information
    - Possible Cross-Site Scripting
        - https://www.exploit-db.com/exploits/32882
    - Possible Directory Traversal
        - https://www.exploit-db.com/exploits/16054
    - 48 results at the time of writing

    DISCLAIMER:
    (The vulnerabilities are suggestions, none of them have been tested by me,
    always request permission before testing anything on someone else system)
    Credit goes to the boys of Rapid7