Oracle PeopleSoft Enterprise PeopleTools 安全漏洞

Oracle PeopleSoft Enterprise PeopleTools is a technology provided by Oracle Corporation in the United States, designed to keep PeopleSoft applications in sync with user needs and expectations. There were security vulnerabilities in the versions of Oracle PeopleSoft Enterprise PeopleTools 8.61 to...

CVE-2025-12904 SNORDIAN's H5PxAPIkatchu <= 0.4.17 - Unauthenticated Stored Cross-Site Scripting via insert_data

The SNORDIAN's H5PxAPIkatchu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'insertdata' AJAX endpoint in all versions up to, and including, 0.4.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

PT-2025-46934

Name of the Vulnerable Software and Affected Versions SNORDIAN's H5PxAPIkatchu plugin for WordPress versions through 0.4.17 Description The software is susceptible to Stored Cross-Site Scripting through the insert data API endpoint. Insufficient input sanitization and output escaping allow...

Oracle Construction and Engineering Suite 安全漏洞

Oracle Construction and Engineering Suite is a portfolio management solution suite product for construction projects from Oracle Corporation USA. A security vulnerability exists in Oracle Construction and Engineering Suite. An attacker could exploit the vulnerability to update, insert, or delete...

Glitter Unicorn Wallpaper 安全漏洞

Glitter unicorn wallpaper is a wallpaper application. A security vulnerability exists in Glitter Unicorn Wallpaper versions 7.0 through 8.0, which stems from a vulnerability that allows an unauthorized application to actively request permissions to insert data into a database, which could allow a...

Oracle Communications Operations Monitor has an unspecified vulnerability (CNVD-2022-17349)

Oracle Communications is a product of Oracle Corporation USA. provides integrated communications and cloud solutions for service providers and enterprises to accelerate their digital transformation.A security vulnerability exists in Oracle Communications Operations Monitor, which could be exploit...

Oracle MySQL 输入验证错误漏洞

Oracle MySQL Server is a relational database from Oracle Corporation. Oracle MySQL Server is vulnerable to an input validation error that could be exploited by an attacker to update, insert, or delete access to MySQL Server accessible data without authorization...

CVE-2021-35232

Hard coded credentials discovered in SolarWinds Web Help Desk product. Through these credentials, the attacker with local access to the Web Help Desk host machine allows to execute arbitrary HQL queries against the database and leverage the vulnerability to steal the password hashes of the users ...

Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2018-24267)

Oracle E-Business Suite E-Business Suite is a set of Oracle's fully integrated global business management software.Applications Manager is one of the components used to monitor the performance and availability of Oracle application servers. A security vulnerability exists in the None subcomponent...

Event Manager Admin panel - events_new.php SQL injection

Event Manager Admin panel - eventsnew.php SQL injection Exploit Title: Event Manager PHP Script Admin panel - 'eventsnew.php' SQL injection Date: 2018-06-10 Exploit Author: telahdihapus Vendor Homepage: https://codecanyon.net/user/ezcode Software Link:...

Event Manager Admin Panel events_new.php SQL Injection

Exploit Title: Event Manager PHP Script Admin panel - 'eventsnew.php' SQL injection Date: 2018-06-10 Exploit Author: telahdihapus Vendor Homepage: https://codecanyon.net/user/ezcode Software Link: https://codecanyon.net/item/eventmanager-php-script-admin-panel/21280741 Tested on: windows 10 1...

Oracle Communications Policy Management Unauthorized Operation Vulnerability

Oracle Communications Applications is a suite of Oracle applications for rapidly delivering and monetizing digital life communications.Oracle Communications Policy Management is one of the communications policy management components. A security vulnerability exists in the Portal, CMP subcomponent...

CVE-2017-3630

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Kernel. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris...

Unspecified Vulnerability in Oracle Sun Systems Products Suite Oracle Solaris Component

Oracle Sun Systems Products Suite is a suite of Sun systems products from Oracle Corporation, of which Solaris is a Unix-like operating system. A local security vulnerability exists in the Bash subcomponent of the Oracle Solaris component version 10 of the Oracle Sun Systems Products Suite. An...

Oracle Communications Applications Unspecified Vulnerability in Oracle Communications EAGLE Application Processor Component

Oracle Communications is a suite of communications applications for rapidly delivering and monetizing digital lifestyle services from Oracle Corporation. the Oracle Communications EAGLE Application Processor is one of the platform components that provides Signaling Transmission Points STPs,...

Unspecified Vulnerability in Oracle Financial Services Software Oracle FLEXCUBE Direct Banking Component (CNVD-2016-02479)

Oracle Financial Services Software is a set of Oracle's core banking, online banking and property management financial services software, of which Oracle FLEXCUBE Direct Banking is a set of Internet and mobile banking solution components. An unspecified vulnerability exists in the Pre-Login...

Unspecified Vulnerability in Oracle PeopleSoft Products PeopleSoft Enterprise PeopleTools Component (CNVD-2016-02558)

Oracle PeopleSoft is a suite of enterprise human capital management solutions from Oracle.PeopleSoft Enterprise HCM Candidate Gateway is a self-service front-end to the Oracle PeopleSoft Enterprise Recruiting solution component. An unspecified vulnerability in the PIA Search Functionality...

[Follow_me series]oracle Shell-vulnerability warning-the black bar safety net

The patch from Sun network technology Forum: Days male the starter, reproduced indicate the source of! 1. SQL create tablespace kjtest datafile 'e:\website\kj.asp' 2. size 100k nologging ; Copy the code This will create the Table space. It should be noted that the oracle of the Table, The smalles...

Use a low-privileged Oracle database accounts give the OS access permissions-bug warning-the black bar safety net

Author:Mickey These days look at the article called"Penetration: from application down to OS Oracle"of the document,feel quite interesting,the document probably means that is,if the ORACLE service is using the administrator account to start,as long as you have a have resource and connect privileg...