ZDI-07-058: Oracle E-Business Suite SQL Injection Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-07-058.html
October 16, 2007
-- CVE ID:
CVE-2007-5766
-- Affected Vendor:
Oracle
-- Affected Products:
E-Business Suite 11
E-Business Suite 12
-- TippingPoint(TM) IPS Customer
post auth sql injection in random admin console - lulz
On 10/31/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
The specific flaw exists in the okxLOV.jsp page in the Administration
console.
___
Full-Disclosure - We believe in it.
Charter: