Disclosure

HPE Business Service Management (BSM) – Reflected XSS (CVE-2016-4392)


Product & Service Introduction;

HP Business Service Management (BSM) is an end-to-end management solution that integrates network, server, application and business transaction monitoring. HP Business Service Management is developed and marketed by the HP Software Division.

Release Date;

21 Oct 2016

Affected Product;

HP Business Service Management Software 9.1x, 9.20 - 9.25IP1


Oracle ADF < 12.1.2 – XML External Entity Injection (XXE) Vulnerability


Product & Service Introduction;

In computing, Oracle Application Development Framework, usually called Oracle ADF, provides a commercial Java framework for building enterprise applications. It provides visual and declarative approaches to Java EE development. It supports rapid application development based on ready-to-use design patterns, metadata-driven and visual tools.

Exploitation Technique;

Remote, Authenticated
