Search Results | AttackerKB

Show filters

Topics 3 Users 9,713

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

3 Total Results

Displaying 1-3 of 3

Attacker Value

Unknown

CVE-2016-11023

Disclosure Date: March 30, 2020 (last updated February 21, 2025)

odata4j 0.7.0 allows ExecuteCountQueryCommand.java SQL injection. NOTE: this product is apparently discontinued.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2016-11024

Disclosure Date: March 30, 2020 (last updated February 21, 2025)

odata4j 0.7.0 allows ExecuteJPQLQueryCommand.java SQL injection. NOTE: this product is apparently discontinued.

Attack Vector: Network Privileges: None User Interaction: None

0

Attacker Value

Unknown

CVE-2014-0171

Disclosure Date: January 15, 2015 (last updated October 05, 2023)

XML external entity (XXE) vulnerability in StaxXMLFactoryProvider2 in Odata4j, as used in Red Hat JBoss Data Virtualization before 6.0.0 patch 4, allows remote attackers to read arbitrary files via a crafted request to a REST endpoint.

0