CVE-2019-2579 PoC — Oracle Fusion Middleware WebCenter Sites 信息泄露漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2019/CVE-2019-2579.yaml

Associated Vulnerability

Title:Oracle Fusion Middleware WebCenter Sites 信息泄露漏洞 (CVE-2019-2579)
Description:Oracle Fusion Middleware（Oracle融合中间件）是美国甲骨文（Oracle）公司的一套面向企业和云环境的业务创新平台。该平台提供了中间件、软件集合等功能。WebCenter Sites是其中的一个Web体验管理组件，它可让营销人员和业务用户在全球范围内跨多个渠道创建和管理互动式社交在线体验，以提升销量和客户忠诚度。 Oracle Fusion Middleware中的WebCenter Sites组件12.2.1.3.0版本的Advanced UI子组件存在安全漏洞。攻击者可利用

Description

The Oracle WebCenter Sites component of Oracle Fusion Middleware 12.2.1.3.0 is susceptible to SQL injection via an easily exploitable vulnerability that allows low privileged attackers with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebCenter Sites accessible data.

File Snapshot


 id: CVE-2019-2579

info:
  name: Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - SQL Injection

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!