all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

MOVEit SQL Injection

Add to bookmarks
June 23, 2023, 2:58 p.m. |

Packet Storm packetstormsecurity.com

This Metasploit module exploits an SQL injection vulnerability in the MOVEit Transfer web application that allows an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker can leverage an information leak be able to upload a .NET deserialization payload.

access application azure database deserialization engine exploits information injection leak metasploit microsoft microsoft sql microsoft sql server moveit moveit transfer mysql payload server sql sql injection sql server transfer upload vulnerability web web application

Visit resource

More from packetstormsecurity.com / Packet Storm

Ubuntu Security Notice USN-6770-1 1 day, 9 hours ago | packetstormsecurity.com
apache discovery fixes handling +13
Ubuntu Security Notice USN-6769-1 1 day, 9 hours ago | packetstormsecurity.com
attacker configuration default denial of service +15
Red Hat Security Advisory 2024-2799-03 1 day, 9 hours ago | packetstormsecurity.com
advisory buffer buffer overflow code +11
Red Hat Security Advisory 2024-2793-03 1 day, 9 hours ago | packetstormsecurity.com
advisory denial of service enterprise linux +7
Red Hat Security Advisory 2024-2705-03 1 day, 9 hours ago | packetstormsecurity.com
advisory build quarkus red hat +3
Red Hat Security Advisory 2024-2672-03 1 day, 9 hours ago | packetstormsecurity.com
advisory bugs code code execution +15
Red Hat Security Advisory 2024-2671-03 1 day, 9 hours ago | packetstormsecurity.com
advisory bugs build denial of service +10
Red Hat Security Advisory 2024-2669-03 1 day, 9 hours ago | packetstormsecurity.com
advisory bugs code code execution +13
Red Hat Security Advisory 2024-2668-03 1 day, 9 hours ago | packetstormsecurity.com
advisory bugs container denial of service +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Cyber Security Analyst

@ Dane Street | Palm Beach Gardens, Florida, United States
View on infosec-jobs.com

Program Information System Security Manager (ISSM) - onsite Tucson, AZ - TOP SECRET required

@ RTX | AZ855: RMS AP Bldg M05 1151 East Hermans Road Building M05, Tucson, AZ, 85756 USA
View on infosec-jobs.com

Lead - Business System Service (Workday HR Functional Consultant)

@ Freshworks | Bengaluru, India
View on infosec-jobs.com

Cloud Security Engineer

@ ButterflyMX | United States - Remote
View on infosec-jobs.com

Compliance Specialist

@ Airtable | Austin, Texas or San Francisco, California
View on infosec-jobs.com

Cyber SCRM Cloud Assessor Lead

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com
View more jobs