demo.mfaktoring.pl XSS vulnerability

Vulnerable URL: https://demo.mfaktoring.pl/SignOn.action?title=%3C/title%3E%3C/script/%22-alert%280%29-%22--%3E%22%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:|...

Error: "To Use Desktop Lock Feature, Make Sure Receiver is Installed and is Working Fine With Single Signon" While Installing Desktop Lock

This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information. Trying to install and activate Desktop Lock, but cannot get it to install. "To use Desktop Lock...

CVE-2015-4884

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via unknown vectors related to Single Signon...

CVE-2015-4854

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown vectors related to Single Signon. NOTE: the previous information is from the October 2015 CPU. Oracle...

Cross site scripting

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown vectors related to Single Signon. NOTE: the previous information is from the October 2015 CPU. Oracle...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via unknown vectors related to Single Signon...

CVE-2015-4884

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via unknown vectors related to Single Signon...

CVE-2015-4884

CVE-2015-4884 affects Oracle E-Business Suite via the Oracle Application Object Library (AOL). Versions impacted: 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, 12.2.4. Vulnerability related to Single Sign-On, impacting confidentiality. Root cause details, exploitable vectors, and fixes are not disclosed in ...

CVE-2015-4854

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown vectors related to Single Signon. NOTE: the previous information is from the October 2015 CPU. Oracle...

CVE-2015-4854

Oracle E-Business Suite Cross-site Scripting (CVE-2015-4854) affects Oracle E-Business Suite 12.1.4 (likely others) via the CfgOCIReturn servlet’s Domain parameter not being sanitized, enabling remote XSS and potential script injection. Remediation per sources: apply the October 2015 CPU/patch se...

Oracle E-Business Multiple Vulnerabilities (October 2015 CPU)

The version of Oracle E-Business installed on the remote host is missing the October 2015 Oracle Critical Patch Update CPU. It is, therefore, affected by vulnerabilities in the following components : - An unspecified flaw exists in the Online Patching subcomponent in the Applications DBA. An...

CVE-2013-3777

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Signon...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Signon...

CVE-2013-3777

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Signon...

CVE-2013-3777

The CVE-2013-3777 issue affects Oracle E-Business Suite, specifically the Oracle Application Object Library component, in versions 11.5.10.2, 12.0.6, and 12.1.3. The root cause is an unspecified vulnerability related to Signon that could compromise integrity via remote access (no confidentiality ...

CVE-2012-3222

Unspecified vulnerability in the Oracle iRecruitment component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect availability via unknown vectors related to Signon...

CVE-2012-3222

CVE-2012-3222 affects the Oracle iRecruitment component in Oracle E-Business Suite (versions 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, 12.1.3). The issue is described as an unspecified vulnerability that could allow remote attackers to affect availability via unknown vectors related to Signon. The publi...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity, related to Signon local and SSO...

CVE-2012-3139

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity, related to Signon local and SSO...

Mozilla Foundation Security Advisory 2008-10

Mozilla Foundation Security Advisory 2008-10 Title: URL token stealing via stylesheet redirect Impact: Low Announced: February 7, 2008 Reporter: Martin Straka Products: Firefox, SeaMonkey Fixed in: Firefox 2.0.0.12 SeaMonkey 1.1.8 Description Security researcher Martin Straka reported that...