Lucene search
K

226 matches found

Check Point Advisories
Check Point Advisories
added 2016/05/04 12:0 a.m.7 views

Oracle ATS DownloadServlet scriptName Directory Traversal (CVE-2016-0478)

A directory traversal vulnerability exists in Oracle's Application Testing Suite. The vulnerability is due to insufficient input validation while processing HTTP requests to the "/olt/download" URI with parameter scriptName. A remote unauthenticated attacker can exploit this vulnerability by...

5CVSS1.5AI score0.21922EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2016/05/04 12:0 a.m.4 views

Oracle Application Testing Suite DownloadServlet scriptPath Directory Traversal (CVE-2016-0484)

A directory traversal vulnerability exists in Oracle's Application Testing Suite. The vulnerability is due to insufficient input validation while processing HTTP requests to the "/otm/download" URI with parameter scriptPath. A remote, unauthenticated attacker can exploit this vulnerability by...

5CVSS1.2AI score0.22011EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2016/05/04 12:0 a.m.9 views

Oracle Application Testing Suite DownloadServlet file Directory Traversal (CVE-2016-0482)

A directory traversal vulnerability exists in Oracle Application Testing Suite. The vulnerability is due to insufficient input validation while processing HTTP requests to the "/otm/download" URI with the "file" parameter. A remote unauthenticated attacker can exploit this vulnerability by sendin...

5CVSS1.9AI score0.21922EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/05/03 12:0 a.m.15 views

Oracle Application Testing Suite Detection

Binary data oracleapplicationtestingsuiteinstalled.nbin...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/05/03 12:0 a.m.44 views

Oracle Application Testing Suite Java Object Deserialization RCE (April 2016 CPU)

The version of Oracle Application Testing Suite installed on the remote host is affected by a remote code execution vulnerability due to unsafe deserialize calls of unauthenticated Java objects to the Apache Commons Collections ACC library. An unauthenticated, remote attacker can exploit this, by...

10CVSS8.2AI score0.83274EPSS
Exploits8References3
Check Point Advisories
Check Point Advisories
added 2016/05/02 12:0 a.m.8 views

Oracle ATS DownloadServlet exportFileName Directory Traversal (CVE-2016-0486)

A directory traversal vulnerability exists in Oracle's Application Testing Suite. The vulnerability is due to insufficient input validation while processing HTTP requests to the "/otm/download" URI with parameter exportFileName. A remote unauthenticated attacker can exploit this vulnerability by...

5CVSS2.2AI score0.27519EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2016/05/01 12:0 a.m.4 views

Oracle ATS DownloadServlet scheduleReportName Directory Traversal (CVE-2016-0481)

A directory traversal vulnerability exists in Oracle's Application Testing Suite. The vulnerability is due to insufficient input validation while processing HTTP requests to the "/otm/download" URI with parameter scheduleReportName. A remote unauthenticated attacker can exploit this vulnerability...

5CVSS1.5AI score0.21922EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2016/05/01 12:0 a.m.4 views

Oracle ATS DownloadServlet TMAPReportImage Directory Traversal (CVE-2016-0480)

A directory traversal vulnerability exists in Oracle's Application Testing Suite. The vulnerability is due to insufficient input validation while processing HTTP requests to the "/otm/download" URI with parameter TMAPReportImage. A remote unauthenticated attacker can exploit this vulnerability by...

5CVSS1.9AI score0.21922EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2016/05/01 12:0 a.m.9 views

Oracle ATS DownloadServlet OTM reportName Directory Traversal (CVE-2016-0485)

A directory traversal vulnerability exists in Oracle's Application Testing Suite. The vulnerability is due to insufficient input validation while processing HTTP requests to the "/otm/download" URI with parameter reportName.A remote unauthenticated attacker can exploit this vulnerability by sendi...

5CVSS2.7AI score0.27519EPSS
Exploits0
seebug.org
seebug.org
added 2016/04/28 12:0 a.m.15 views

Oracle Application Testing Suite 登录绕过 和 任意文件上传漏洞

No description provided by source...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2016/04/26 12:0 a.m.10 views

Oracle Application Testing Suite DownloadServlet scenario Directory Traversal (CVE-2016-0477)

A directory traversal vulnerability exists in the in Oracle's Application Testing Suite. The vulnerability is due to insufficient input validation while processing HTTP requests to the "/olt/download" URI. A remote unauthenticated attacker can exploit this vulnerability by sending a malicious...

5CVSS1.7AI score0.21922EPSS
Exploits0
0day.today
0day.today
added 2016/04/13 12:0 a.m.92 views

Oracle Application Testing Suite 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload

Exploit for jsp platform in category web applications Exploit Title: Oracle Application Testing Suite Authentication Bypass and Arbitrary File Upload Remote Exploit Exploit Author: Zhou Yu Vendor Homepage: http://www.oracle.com/ Software Link:...

6.4CVSS0.92719EPSS
Exploits7
Exploit DB
Exploit DB
added 2016/04/13 12:0 a.m.54 views

Oracle Application Testing Suite (ATS) 12.4.0.2.0 - Authentication Bypass / Arbitrary File Upload

Exploit Title: Oracle Application Testing Suite Authentication Bypass and Arbitrary File Upload Remote Exploit Exploit Author: Zhou Yu Vendor Homepage: http://www.oracle.com/ Software Link: http://www.oracle.com/technetwork/oem/downloads/apptesting-downloads-1983826.html?ssSourceSiteId=otncn...

6.4CVSS7.5AI score0.92719EPSS
Exploits7
exploitpack
exploitpack
added 2016/04/13 12:0 a.m.41 views

Oracle Application Testing Suite (ATS) 12.4.0.2.0 - Authentication Bypass Arbitrary File Upload

Oracle Application Testing Suite ATS 12.4.0.2.0 - Authentication Bypass Arbitrary File Upload Exploit Title: Oracle Application Testing Suite Authentication Bypass and Arbitrary File Upload Remote Exploit Exploit Author: Zhou Yu Vendor Homepage: http://www.oracle.com/ Software Link:...

6.4CVSS0.2AI score0.92719EPSS
Exploits7
Check Point Advisories
Check Point Advisories
added 2016/03/21 12:0 a.m.3 views

Oracle Application Testing Suite UploadFileAction fileType Directory Traversal (CVE-2016-0491)

A directory traversal vulnerability exists in Oracle Application Testing Suite. The vulnerability is due to insufficient input validation when processing HTTP request sent to URI "/olt/UploadFileUpload.do". A remote attacker can exploit this vulnerability by sending a malicious request to the...

6.4CVSS2.3AI score0.8075EPSS
Exploits6
Check Point Advisories
Check Point Advisories
added 2016/03/20 12:0 a.m.2 views

Oracle Application Testing Suite DownloadServlet reportName Directory Traversal (CVE-2016-0476)

A directory traversal vulnerability has been reported in Oracle Load Testing component of Oracle Application Testing Suite. The vulnerability is caused due to improper handling of path names when downloading files via the Oracle Load Testing component. Unauthenticated remote attackers could explo...

5CVSS4AI score0.21922EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2016/03/14 12:0 a.m.10 views

Oracle Application Testing Suite ReportImage tempfilename Directory Traversal (CVE-2016-0489)

A directory traversal vulnerability exists in Oracle's Application Testing Suite. The vulnerability is due to insufficient input validation in the Oracle Test Manager component while processing the HTTP request parameter tempfilename. A remote, authenticated attacker could exploit this...

6.5CVSS2.1AI score0.54782EPSS
Exploits0
Hacker One
Hacker One
added 2016/02/13 12:46 a.m.21 views

New Relic: Unauthorized Access

Summary of Findings ------------------------------- The remote server https://download.newrelic.com allowed unauthenticated access to special access files that are only intended to be accessible after contacting the New Relic program managers as seen below. Exploiting the...

0.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2016/02/09 12:0 a.m.4 views

Oracle Application Testing Suite UploadServlet filename Directory Traversal (CVE-2016-0490)

A directory path traversal vulnerability exists in Oracle's Application Testing Suite. The vulnerability is due to insufficient input validation while processing the HTTP request header filename. A remote unauthenticated attacker can exploit this vulnerability by sending a malicious request to th...

6.4CVSS2.3AI score0.27444EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2016/01/25 12:0 a.m.36 views

Oracle Application Testing Suite filename Header Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Application Testing Suite. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UploadServlet servlet. By providing a filename header containing ...

10CVSS7.8AI score0.27444EPSS
Exploits0References1
Rows per page
Query Builder