CVE-2012-3184

Oracle WebCenter Sites Advanced UI - Remote Integrity Impact

Title source: manual

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-3184.

AI-analyzed exploit summary This is a detailed technical writeup from SEC Consult Vulnerability Lab describing multiple vulnerabilities in Oracle WebCenter Sites, including authorization issues, XSS, CSRF, and SQL injection. It provides proof-of-concept examples for each vulnerability, demonstrating a deep understanding of the technical mechanics.

Description

Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows remote attackers to affect integrity via unknown vectors related to Advanced UI.

Exploits (1)

exploitdb WRITEUP

webappsmultiple

https://www.exploit-db.com/exploits/22041

View Code ZIP pw:eip

This is a detailed technical writeup from SEC Consult Vulnerability Lab describing multiple vulnerabilities in Oracle WebCenter Sites, including authorization issues, XSS, CSRF, and SQL injection. It provides proof-of-concept examples for each vulnerability, demonstrating a deep understanding of the technical mechanics.

Classification

Writeup 100%

Attack Type

Other

Complexity

Moderate

Reliability

Reliable

Target: Oracle WebCenter Sites (former FatWire Content Server) versions 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, 11.1.1.6.0

Auth required

Prerequisites: Access to the target application · Low-privileged user account for some exploits

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (2)

Core 2

Core References

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

Patch, Vendor Advisory x_refsource_confirm

http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html

Scores

EPSS 0.0445

EPSS Percentile 90.2%

Details

Status published

Products (12)

oracle/fusion_middleware 6.0

oracle/fusion_middleware 6.1

oracle/fusion_middleware 6.2

oracle/fusion_middleware 6.3

oracle/fusion_middleware 7.0

oracle/fusion_middleware 7.0.1

oracle/fusion_middleware 7.0.2

oracle/fusion_middleware 7.0.3

oracle/fusion_middleware 7.5

oracle/fusion_middleware 7.6.1

... and 2 more

Published Oct 17, 2012

Tracked Since Feb 18, 2026