Oracle NoSQL 11g 1.1.100 R2 - 'log' Parameter Directory Traversal Vulnerability

ID 1337DAY-ID-23406
Type zdt
Reporter rrdw
Modified 2015-03-20T00:00:00


Exploit for java platform in category web applications

Oracle NoSQL is prone to a directory-traversal vulnerability because the application fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability to obtain arbitrary local files in the context of the webserver process.
NoSQL 11g 1.1.100 R2 is vulnerable; other versions may also be affected.

# [2016-04-20]  #