daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enhancement: vulnerabilities/oracle/oracle-ebs-bispgraph-file-access.yaml by mp

patch-1
MostInterestingBotInTheWorld 2022-05-26 15:56:32 -04:00
parent 8afdeb3629
commit c039487da2
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
vulnerabilities/oracle/oracle-ebs-bispgraph-file-access.yaml
View File

@ -1,12 +1,12 @@
id: oracle-ebs-bispgrapgh-file-read
info:
name: Oracle EBS Bispgraph File Access
name: Oracle eBusiness Suite - Improper File Access
author: emenalf,tirtha_mandal,thomas_from_offensity
severity: critical
description: Oracle eBusiness Suite is susceptible to improper file access vulnerabilities. Be aware this product is no longer supported with patches or security fixes.
reference:
- https://www.blackhat.com/docs/us-16/materials/us-16-Litchfield-Hackproofing-Oracle-eBusiness-Suite-wp-4.pdf
- https://www.blackhat.com/docs/us-16/materials/us-16-Litchfield-Hackproofing-Oracle-eBusiness-Suite.pdf
- http://www.davidlitchfield.com/AssessingOraclee-BusinessSuite11i.pdf
tags: oracle,lfi
@ -21,3 +21,5 @@ requests:
regex:
- "root:.*:0:0:"
part: body
# Enhanced by mp on 2022/05/26