Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ZDI-07-058: Oracle E-Business Suite SQL Injection Vulnerability

From: reepex <reepex () gmail com>
Date: Wed, 31 Oct 2007 22:55:36 -0500
post auth sql injection in random admin console - lulz

On 10/31/07, zdi-disclosures () 3com com <zdi-disclosures () 3com com> wrote:

The specific flaw exists in the okxLOV.jsp page in the Administration
console.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: