inurl:"/uddiexplorer/searchpublicregistries.jsp"

• SHDB
• 1977 阅读

• 日期：2018-10-17
• 类别：
  • Advisories and Vulnerabilities
• 作者：Zulfikar Azhari
• 语法：inurl:"/uddiexplorer/searchpublicregistries.jsp"

• Category: Page containing log in portal & Web Server Detection

  Description: This dork allows user to access default page of Oracle
  Weblogic Server - UDDI Explorer. Some of scanner tools would detect SSRF
  vulnerability for weblogic uddi explorer. Moreover, there is a flaw
  regarding the weblogic server version which vulnerables to XSS.

  Reference:
  https://blog.gdssecurity.com/labs/2015/3/30/weblogic-ssrf-and-xss-cve-2014-4241-cve-2014-4210-cve-2014-4.html

  Author: Zulfikar Azhari