226 matches found
Oracle ATS DownloadServlet scriptName Directory Traversal (CVE-2016-0478)
A directory traversal vulnerability exists in Oracle's Application Testing Suite. The vulnerability is due to insufficient input validation while processing HTTP requests to the "/olt/download" URI with parameter scriptName. A remote unauthenticated attacker can exploit this vulnerability by...
Oracle Application Testing Suite DownloadServlet scriptPath Directory Traversal (CVE-2016-0484)
A directory traversal vulnerability exists in Oracle's Application Testing Suite. The vulnerability is due to insufficient input validation while processing HTTP requests to the "/otm/download" URI with parameter scriptPath. A remote, unauthenticated attacker can exploit this vulnerability by...
Oracle Application Testing Suite DownloadServlet file Directory Traversal (CVE-2016-0482)
A directory traversal vulnerability exists in Oracle Application Testing Suite. The vulnerability is due to insufficient input validation while processing HTTP requests to the "/otm/download" URI with the "file" parameter. A remote unauthenticated attacker can exploit this vulnerability by sendin...
Oracle Application Testing Suite Detection
Binary data oracleapplicationtestingsuiteinstalled.nbin...
Oracle Application Testing Suite Java Object Deserialization RCE (April 2016 CPU)
The version of Oracle Application Testing Suite installed on the remote host is affected by a remote code execution vulnerability due to unsafe deserialize calls of unauthenticated Java objects to the Apache Commons Collections ACC library. An unauthenticated, remote attacker can exploit this, by...
Oracle ATS DownloadServlet exportFileName Directory Traversal (CVE-2016-0486)
A directory traversal vulnerability exists in Oracle's Application Testing Suite. The vulnerability is due to insufficient input validation while processing HTTP requests to the "/otm/download" URI with parameter exportFileName. A remote unauthenticated attacker can exploit this vulnerability by...
Oracle ATS DownloadServlet scheduleReportName Directory Traversal (CVE-2016-0481)
A directory traversal vulnerability exists in Oracle's Application Testing Suite. The vulnerability is due to insufficient input validation while processing HTTP requests to the "/otm/download" URI with parameter scheduleReportName. A remote unauthenticated attacker can exploit this vulnerability...
Oracle ATS DownloadServlet TMAPReportImage Directory Traversal (CVE-2016-0480)
A directory traversal vulnerability exists in Oracle's Application Testing Suite. The vulnerability is due to insufficient input validation while processing HTTP requests to the "/otm/download" URI with parameter TMAPReportImage. A remote unauthenticated attacker can exploit this vulnerability by...
Oracle ATS DownloadServlet OTM reportName Directory Traversal (CVE-2016-0485)
A directory traversal vulnerability exists in Oracle's Application Testing Suite. The vulnerability is due to insufficient input validation while processing HTTP requests to the "/otm/download" URI with parameter reportName.A remote unauthenticated attacker can exploit this vulnerability by sendi...
Oracle Application Testing Suite 登录绕过 和 任意文件上传漏洞
No description provided by source...
Oracle Application Testing Suite DownloadServlet scenario Directory Traversal (CVE-2016-0477)
A directory traversal vulnerability exists in the in Oracle's Application Testing Suite. The vulnerability is due to insufficient input validation while processing HTTP requests to the "/olt/download" URI. A remote unauthenticated attacker can exploit this vulnerability by sending a malicious...
Oracle Application Testing Suite 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload
Exploit for jsp platform in category web applications Exploit Title: Oracle Application Testing Suite Authentication Bypass and Arbitrary File Upload Remote Exploit Exploit Author: Zhou Yu Vendor Homepage: http://www.oracle.com/ Software Link:...
Oracle Application Testing Suite (ATS) 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload
Exploit Title: Oracle Application Testing Suite Authentication Bypass and Arbitrary File Upload Remote Exploit Exploit Author: Zhou Yu Vendor Homepage: http://www.oracle.com/ Software Link: http://www.oracle.com/technetwork/oem/downloads/apptesting-downloads-1983826.html?ssSourceSiteId=otncn...
Oracle Application Testing Suite (ATS) 12.4.0.2.0 - Authentication Bypass Arbitrary File Upload
Oracle Application Testing Suite ATS 12.4.0.2.0 - Authentication Bypass Arbitrary File Upload Exploit Title: Oracle Application Testing Suite Authentication Bypass and Arbitrary File Upload Remote Exploit Exploit Author: Zhou Yu Vendor Homepage: http://www.oracle.com/ Software Link:...
Oracle Application Testing Suite UploadFileAction fileType Directory Traversal (CVE-2016-0491)
A directory traversal vulnerability exists in Oracle Application Testing Suite. The vulnerability is due to insufficient input validation when processing HTTP request sent to URI "/olt/UploadFileUpload.do". A remote attacker can exploit this vulnerability by sending a malicious request to the...
Oracle Application Testing Suite DownloadServlet reportName Directory Traversal (CVE-2016-0476)
A directory traversal vulnerability has been reported in Oracle Load Testing component of Oracle Application Testing Suite. The vulnerability is caused due to improper handling of path names when downloading files via the Oracle Load Testing component. Unauthenticated remote attackers could explo...
Oracle Application Testing Suite ReportImage tempfilename Directory Traversal (CVE-2016-0489)
A directory traversal vulnerability exists in Oracle's Application Testing Suite. The vulnerability is due to insufficient input validation in the Oracle Test Manager component while processing the HTTP request parameter tempfilename. A remote, authenticated attacker could exploit this...
New Relic: Unauthorized Access
Summary of Findings ------------------------------- The remote server https://download.newrelic.com allowed unauthenticated access to special access files that are only intended to be accessible after contacting the New Relic program managers as seen below. Exploiting the...
Oracle Application Testing Suite UploadServlet filename Directory Traversal (CVE-2016-0490)
A directory path traversal vulnerability exists in Oracle's Application Testing Suite. The vulnerability is due to insufficient input validation while processing the HTTP request header filename. A remote unauthenticated attacker can exploit this vulnerability by sending a malicious request to th...
Oracle Application Testing Suite filename Header Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Application Testing Suite. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UploadServlet servlet. By providing a filename header containing ...