Oracle E-Business Suite (EBS) Unauthenticated Arbitrary File Upload

Posted on 01 March 2023

This Metasploit module exploits an unauthenticated arbitrary file upload vulnerability in Oracle Web Applications Desktop Integrator, as shipped with Oracle EBS versions 12.2.3 through to 12.2.11, in order to gain remote code execution as the oracle user.