CVE-2018-3215

Vulnerability in the Oracle Endeca Information Discovery Integrator component of Oracle Fusion Middleware subcomponent: Integrator ETL. Supported versions that are affected are 3.1.0 and 3.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2018-3207

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Portal. Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

CVE-2018-3164

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Elastic Search. Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSo...

CVE-2018-3130

Vulnerability in the PeopleSoft Enterprise Interaction Hub component of Oracle PeopleSoft Products subcomponent: Application Portal. The supported version that is affected is 9.1.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

Unspecified Vulnerability in Oracle Primavera P6 Enterprise Project Portfolio Management (CNVD-2018-24259)

Oracle Construction and Engineering Suite is a suite of portfolio management solutions for construction projects from Oracle Corporation.Primavera P6 Enterprise Project Portfolio Management P6 is one of the components for planning, managing and executing projects. Primavera P6 Enterprise Project...

Unspecified Vulnerability in Oracle MySQL Server Component (CNVD-2019-07353)

Oracle MySQL is an open source relational database management system from Oracle. The database system is characterized by high performance, low cost, good reliability, etc. MySQL Server is one of the server components. A security vulnerability exists in the MyISAM subcomponent of the MySQL Server...

Unspecified Vulnerability in Oracle PeopleSoft Products PeopleSoft Enterprise HCM Human Resources Component (CNVD-2019-38811)

Oracle PeopleSoft Products is a suite of enterprise human capital management solutions from Oracle that provides human capital management, financial management, supplier relationship management, etc. PeopleSoft Enterprise HCM Human Resources is one of the human resource management components...

CVE-2018-3048

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications subcomponent: Core module. Supported versions that are affected are 12.3.0, 12.4.0, 12.5.0, 14.0.0 and 14.1.0. Easily exploitable vulnerability allows low privileged attacker with network...

CVE-2018-2999

Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products subcomponent: Web Runtime. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...

Unspecified Vulnerability in Oracle Primavera P6 Enterprise Project Portfolio Management (CNVD-2018-24116)

Oracle Construction and Engineering Suite is a suite of portfolio management solutions for construction projects from Oracle Corporation.Primavera P6 Enterprise Project Portfolio Management P6 is one of the components for planning, managing and executing projects. Primavera P6 Enterprise Project...

PT-2018-2729 · Oracle +7 · Mysql Server +6

Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 5.5.60 and prior Oracle MySQL versions 5.6.40 and prior Oracle MySQL versions 5.7.22 and prior Description: The issue is related to errors in user access control in the MySQL Server component of Oracle MySQL. It allows a...

CVE-2018-2838

Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products subcomponent: EPPCMHIERTOP. The supported version that is affected is 9.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

Unspecified vulnerability in Oracle Financial Services Price Creation and Discovery component (CNVD-2018-01514)

Oracle Financial Services Applications is Oracle's suite of core banking, online banking, and property management financial services software. Oracle Financial Services Price Creation and Discovery is one of the financial services price creation and discovery component. A security vulnerability...

CVE-2018-2626

Vulnerability in the Oracle Financial Services Balance Sheet Planning component of Oracle Financial Services Applications subcomponent: User Interface. The supported version that is affected is 8.0.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

Gespage 7.4.8 SQL Injection

CVE-2017-7997 Gespage SQL Injection vulnerability Description Gespage is a web solution providing a printer portal. Official Website: http://www.gespage.com/ The web application does not properly filter several parameters sent by users, allowing authenticated SQL code injection Stacked Queries -...

Gespage 7.4.8 - SQL Injection

Gespage 7.4.8 - SQL Injection CVE-2017-7997 Gespage SQL Injection vulnerability Description Gespage is a web solution providing a printer portal. Official Website: http://www.gespage.com/ The web application does not properly filter several parameters sent by users, allowing authenticated SQL cod...

Open-Xchange: [XSS] Portal Widget Mail

Hi. No filter for Mail in Widget F244689 Steps - 1. Compose New mail html or plain: F244687 2. Add to Portal this mail F244688 3. Sometimes payload run after Add. If not then go to Portal. OX update the data every 10min and this script will run every 10min in any section. That is, as Crontab. :...

CVE-2017-10394

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Security. Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSof...

CVE-2017-10054

Vulnerability in the Oracle Hospitality Cruise Materials Management component of Oracle Hospitality Applications subcomponent: MMS. The supported version that is affected is 7.30.564.0. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle...

CVE-2017-10014

Vulnerability in the Oracle Hospitality Hotel Mobile component of Oracle Hospitality Applications subcomponent: Suite8/RESTAPI. The supported version that is affected is 1.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...