CVE-2023-21959

Vulnerability in the Oracle iReceivables product of Oracle E-Business Suite component: Attachments. Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle iReceivables. Successful...

CVE-2023-21959

Vulnerability in the Oracle iReceivables product of Oracle E-Business Suite component: Attachments. Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle iReceivables. Successful...

CVE-2022-43234

An arbitrary file upload vulnerability in the /attachments component of Hoosk v1.8 allows attackers to execute arbitrary code via a crafted PHP file...

Design/Logic Flaw

An arbitrary file upload vulnerability in the /attachments component of Hoosk v1.8 allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2022-43234

An arbitrary file upload vulnerability in the /attachments component of Hoosk v1.8 allows attackers to execute arbitrary code via a crafted PHP file...

Hoosk CMS 代码问题漏洞

Hoosk CMS is a lightweight content management system. Hoosk CMS v1.8.0 suffers from an arbitrary file upload vulnerability that stems from its /attachments component failing to validate uploaded files. An attacker can exploit the vulnerability to remotely execute code...

PT-2022-26809 · Hoosk · Hoosk

Name of the Vulnerable Software and Affected Versions: Hoosk version 1.8 Description: An arbitrary file upload vulnerability in the "/attachments" component allows attackers to execute arbitrary code via a crafted PHP file. Recommendations: For Hoosk version 1.8, consider disabling the...

CVE-2021-2181

Vulnerability in the Oracle Document Management and Collaboration product of Oracle E-Business Suite component: Attachments. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to...

Atlassian JIRA Server and Data Center Cross-Site Scripting Vulnerability (CNVD-2020-53365)

Atlassian JIRA Server and Atlassian JIRA Data Center are both products of Atlassian Australia.Atlassian JIRA Server is the server version of a defect tracking management system. Atlassian JIRA Server is the server version of a defect tracking management system that is used to track and manage all...

CVE-2020-2885

Vulnerability in the Oracle Document Management and Collaboration product of Oracle E-Business Suite component: Attachments. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2019-2583

Vulnerability in the Oracle iSupplier Portal component of Oracle E-Business Suite subcomponent: Attachments. Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via...