Full Disclosure mailing list archives
Re: ZDI-07-058: Oracle E-Business Suite SQL Injection Vulnerability
From: reepex <reepex () gmail com>
Date: Wed, 31 Oct 2007 22:55:36 -0500
post auth sql injection in random admin console - lulz On 10/31/07, zdi-disclosures () 3com com <zdi-disclosures () 3com com> wrote:
The specific flaw exists in the okxLOV.jsp page in the Administration console.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- ZDI-07-058: Oracle E-Business Suite SQL Injection Vulnerability zdi-disclosures (Oct 31)
- Re: ZDI-07-058: Oracle E-Business Suite SQL Injection Vulnerability reepex (Oct 31)