inurl:"/uddiexplorer/searchpublicregistries.jsp"

  • 日期:2018-10-17
  • 类别:
  • 作者:Zulfikar Azhari
  • 语法:inurl:"/uddiexplorer/searchpublicregistries.jsp"
  • Category: Page containing log in portal & Web Server Detection

    Description: This dork allows user to access default page of Oracle
    Weblogic Server - UDDI Explorer. Some of scanner tools would detect SSRF
    vulnerability for weblogic uddi explorer. Moreover, there is a flaw
    regarding the weblogic server version which vulnerables to XSS.

    Reference:
    https://blog.gdssecurity.com/labs/2015/3/30/weblogic-ssrf-and-xss-cve-2014-4241-cve-2014-4210-cve-2014-4.html

    Author: Zulfikar Azhari