mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
752 B
752 B
CVE-2005-4550
Description
The PORTAL schema in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote attackers to obtain the source code for arbitrary JSP and other files via a df_next_page parameter with a trailing null byte (%00).
POC
Reference
- http://marc.info/?l=full-disclosure&m=113532633229270&w=2
- http://securityreason.com/securityalert/297
Github
No PoCs found on GitHub currently.