Web App Vulnerabilities

1. Introduction Oracle Application Express (APEX) / REST Data Services Listener is a web-based database interface deployed on WebLogic servers....

1. Introduction Oracle Application Server 9i Webcache versions prior to 9.0.4.0 are affected by multiple vulnerabilities, allowing for arbitrary file...

1. Introduction The Oracle Application Server ndwfn4.so HTTP Request Remote Overflow vulnerability allows an attacker to potentially execute arbitrary code...

1. Introduction Oracle Application Server Portal 10g Authentication Bypass allows an unauthenticated attacker to access sensitive files within the ‘/dav_portal/portal’...

1. Introduction Oracle 9i Application Server is affected by an HTTP request smuggling vulnerability. This allows attackers to manipulate web...

1. Introduction The Oracle Application Server Webcache Requests OHS mod_access Res… vulnerability is an information disclosure issue affecting Oracle HTTP...

1. Introduction The Oracle Application Server XSQL Stylesheet Arbitrary Java Code vulnerability allows an attacker to execute code on a...

1. Introduction 2. Technical Explanation Root cause: The application uses predictable, hardcoded default credentials. Exploit mechanism: An attacker attempts to...

1. Introduction Oracle BI Publisher Enterprise Detection identifies instances of Oracle BI Publisher Enterprise running on a web server. This...

1. Introduction Oracle Business Intelligence Publisher is a web-based reporting solution installed on remote hosts. It allows businesses to create...