mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
763 B
763 B
CVE-2005-4550
Description
The PORTAL schema in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote attackers to obtain the source code for arbitrary JSP and other files via a df_next_page parameter with a trailing null byte (%00).
POC
Reference
- http://marc.info/?l=full-disclosure&m=113532633229270&w=2
- http://securityreason.com/securityalert/297
Github
No PoCs found on GitHub currently.