inurl:apspassword
AUTHOR: FlyingFrog
Twitter: @ItsKarl0z
++ SAP Crystal report access ++
inurl:apspassword
- open SAP crystal databases to browse
- Possible SQL Injection
- Sensitive information
- Possible Cross-Site Scripting
- https://www.exploit-db.com/exploits/32882
- Possible Directory Traversal
- https://www.exploit-db.com/exploits/16054
- 48 results at the time of writing
DISCLAIMER:
(The vulnerabilities are suggestions, none of them have been tested by me,
always request permission before testing anything on someone else system)
Credit goes to the boys of Rapid7