EUVD-2018-14716

Malware in sbrugna...

The vulnerability of the Level 3 Maintenance Functions component of the Oracle Retail Convenience Store Back Office software allows a perpetrator to gain access to protected information, alter file access rights, or cause partial service interruption.

The vulnerability of the Level 3 Maintenance Functions component of Oracle Retail Convenience Store Back Office software is related to lack of access control. Exploiting this vulnerability could allow a malicious actor to gain access to protected information, modify file access rights, or cause...

Oracle Retail Applications Retail Back Office Component Unauthorized Operation Vulnerability

Oracle Retail Applications is a suite of retail applications store solutions from Oracle Corporation, of which Retail Back Office is a retail back office component that provides retailers with real-time access to storage management and reporting capabilities. A security vulnerability exists in th...

CVE-2018-2861

Vulnerability in the Oracle Retail Back Office component of Oracle Retail Applications subcomponent: Security. Supported versions that are affected are 13.4.9, 14.0.4 and 14.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2018-2861

Vulnerability in the Oracle Retail Back Office component of Oracle Retail Applications subcomponent: Security. Supported versions that are affected are 13.4.9, 14.0.4 and 14.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2018-2861

Vulnerability in the Oracle Retail Back Office component of Oracle Retail Applications subcomponent: Security. Supported versions that are affected are 13.4.9, 14.0.4 and 14.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2017-10423

Vulnerability in the Oracle Retail Back Office component of Oracle Retail Applications subcomponent: Security. Supported versions that are affected are 13.2, 13.3, 13.4, 14.0 and 14.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracl...

CVE-2017-10423

Vulnerability in the Oracle Retail Back Office component of Oracle Retail Applications subcomponent: Security. Supported versions that are affected are 13.2, 13.3, 13.4, 14.0 and 14.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracl...

OWASP AntiSamy CVE-2017-14735 Cross Site Scripting Vulnerability

Description OWASP AntiSamy is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the...

Unspecified Vulnerability in Oracle Retail Applications Retail Back Office Component

Oracle Retail Applications is a retail application store solution. A security vulnerability exists in the Oracle Retail Back Office component of Oracle Retail Applications, which can be exploited by remote attackers to compromise system integrity...