CVE-2021-2380

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Attachments / File Upload. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromis...

CVE-2022-21477

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Attachments, File Upload. Supported versions that are affected are 12.2.6-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2021-2380

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Attachments / File Upload. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromis...

CVE-2020-14610

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Attachments / File Upload. The supported version that is affected is 12.2.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2020-2566

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Attachments / File Upload. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromi...

CVE-2018-1000890

FrontAccounting 2.4.5 contains a Time Based Blind SQL Injection vulnerability in the parameter "filterType" in /attachments.php that can allow the attacker to grab the entire database of the application...

CVE-2018-2934

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: Attachments / File Upload. The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2018-24113)

Oracle E-Business Suite is based on the original Application ERP expansion, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management, and so on a variety of management software collection, is a seamless integration of a management suite. An...

CVE-2011-5070

Multiple cross-site scripting XSS vulnerabilities in Support Incident Tracker aka SiT! 3.65 allow remote attackers to inject arbitrary web script or HTML via 1 the file name to incidentattachments.php; 2 unspecified vectors in linkadd.php, possibly involving origref, linkref, linktype parameters,...