CVE-2019-2578 PoC — Oracle Fusion Middleware WebCenter Sites 访问控制错误漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2019/CVE-2019-2578.yaml

Associated Vulnerability

Title:Oracle Fusion Middleware WebCenter Sites 访问控制错误漏洞 (CVE-2019-2578)
Description:Oracle Fusion Middleware（Oracle融合中间件）是美国甲骨文（Oracle）公司的一套面向企业和云环境的业务创新平台。该平台提供了中间件、软件集合等功能。WebCenter Sites是其中的一个Web体验管理组件，它可让营销人员和业务用户在全球范围内跨多个渠道创建和管理互动式社交在线体验，以提升销量和客户忠诚度。 Oracle Fusion Middleware中的WebCenter Sites组件12.2.1.3.0版本的Advanced UI子组件存在安全漏洞。攻击者可利用

Description

Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 suffers from broken access control. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebCenter Sites accessible data.

File Snapshot


 id: CVE-2019-2578

info:
  name: Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0  - Broken Acces

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!