CVE-2012-3185

Oracle WebCenter Sites - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-3185.

AI-analyzed exploit summary This is a detailed security advisory from SEC Consult Vulnerability Lab describing multiple vulnerabilities in Oracle WebCenter Sites, including authorization issues, XSS, CSRF, and SQL injection. It provides technical details, proof-of-concept examples, and affected versions.

Description

Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Advanced UI, a different vulnerability than CVE-2012-3183 and CVE-2012-3186.

Exploits (1)

exploitdb WRITEUP
webappsmultiple
https://www.exploit-db.com/exploits/22041

This is a detailed security advisory from SEC Consult Vulnerability Lab describing multiple vulnerabilities in Oracle WebCenter Sites, including authorization issues, XSS, CSRF, and SQL injection. It provides technical details, proof-of-concept examples, and affected versions.

Classification
Writeup 100%
Attack Type
Sqli | Xss | Auth Bypass | Other
Complexity
Moderate
Reliability
Reliable
Target: Oracle WebCenter Sites (former FatWire Content Server) versions 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, 11.1.1.6.0
Auth required
Prerequisites: Access to the application with low-privileged credentials
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (2)

Core 2
Core References
Broken Link vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

Scores

EPSS 0.0421
EPSS Percentile 89.7%

Details

Status published
Products (11)
oracle/fusion_middleware 6.1
oracle/fusion_middleware 6.2
oracle/fusion_middleware 6.3
oracle/fusion_middleware 11.1.1.6.0
oracle/fusion_middleware 7.0
oracle/fusion_middleware 7.0.1
oracle/fusion_middleware 7.0.2
oracle/fusion_middleware 7.0.3
oracle/fusion_middleware 7.5
oracle/fusion_middleware 7.6.1
... and 1 more
Published Oct 17, 2012
Tracked Since Feb 18, 2026