Lucene search
K

15 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:51 a.m.5 views

CVE-2021-2380

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Attachments / File Upload. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromis...

7.6CVSS6.2AI score0.0069EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/06/17 12:0 a.m.8 views

The vulnerability of the Attachments/File Upload sub-component of the Oracle Applications Framework in the Oracle E-Business Suite allows a perpetrator to modify data or gain unauthorized access to protected information.

The vulnerability of the Attachments/File Upload sub-component of the Oracle Applications Framework in the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to modify data or gain unauthorized access ...

7.9CVSS7.3AI score0.0069EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/04/19 9:15 p.m.7 views

CVE-2022-21477

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Attachments, File Upload. Supported versions that are affected are 12.2.6-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

5.4CVSS6.7AI score0.00483EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/07/21 3:15 p.m.1 views

CVE-2021-2380

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Attachments / File Upload. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromis...

7.6CVSS7.3AI score0.0069EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/08/12 12:0 a.m.3 views

The vulnerability of the Attachments/File Upload component of the Oracle Applications Framework allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the Attachments/File Upload component in the Oracle Applications Framework is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows an attacker to gain access to, modify, add, or delete data using the HTTP protocol...

7.6CVSS7.3AI score0.00929EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2020/07/15 6:15 p.m.1 views

CVE-2020-14610

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Attachments / File Upload. The supported version that is affected is 12.2.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

7.6CVSS7.2AI score0.00929EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/05/15 12:0 a.m.3 views

The vulnerability of the sub-component “Attachments/File Upload” in Oracle Applications Framework of the Oracle E-Business Suite allows a perpetrator to modify data.

The vulnerability of the Attachments/File Upload sub-component in Oracle Applications Framework of the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete dat...

5.3CVSS6.3AI score0.01061EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/02/17 12:0 a.m.4 views

The vulnerability of the Attachments/File Upload component of the Oracle Applications Framework allows a malicious actor to gain access to modify, add, or delete data.

The vulnerability of the Attachments/File Upload component of the Oracle Applications Framework is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add, or delete data using the HTTPS protocol...

5.3CVSS6.5AI score0.01287EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2020/01/15 5:15 p.m.4 views

CVE-2020-2566

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Attachments / File Upload. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromi...

4.7CVSS6.1AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/04/23 12:0 a.m.7 views

The vulnerability of the sub-component “Attachments/File Upload” in Oracle Applications Framework of the Oracle E-Business Suite allows a perpetrator to access, modify, add, or delete data.

The vulnerability of the Attachments/File Upload sub-component in Oracle Applications Framework, a system for automating business processes in Oracle E-Business Suite, is related to lack of access control. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or...

8.5CVSS7.5AI score0.01287EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/01/28 12:0 a.m.8 views

The vulnerability of the sub-component “Attachments/File Upload” of the Oracle Application Object Library in the Oracle E-Business Suite system allows a perpetrator to access, modify, add, or delete data.

The vulnerability of the Attachments/File Upload sub-component of the Oracle Application Object Library in the Oracle E-Business Suite system related to access control deficiencies. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add, or delete...

8.2CVSS7.5AI score0.02009EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/12/28 4:29 p.m.3 views

CVE-2018-1000890

FrontAccounting 2.4.5 contains a Time Based Blind SQL Injection vulnerability in the parameter "filterType" in /attachments.php that can allow the attacker to grab the entire database of the application...

7.5CVSS5.8AI score0.01779EPSS
Exploits1References2
NVD
NVD
added 2018/07/18 1:29 p.m.16 views

CVE-2018-2934

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite subcomponent: Attachments / File Upload. The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

5.3CVSS4.3AI score0.01943EPSS
Exploits0References3
CNVD
CNVD
added 2018/07/18 12:0 a.m.2 views

Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2018-24113)

Oracle E-Business Suite is based on the original Application ERP expansion, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management, and so on a variety of management software collection, is a seamless integration of a management suite. An...

5.3CVSS6.7AI score0.01943EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2012/01/29 4:4 a.m.2 views

CVE-2011-5070

Multiple cross-site scripting XSS vulnerabilities in Support Incident Tracker aka SiT! 3.65 allow remote attackers to inject arbitrary web script or HTML via 1 the file name to incidentattachments.php; 2 unspecified vectors in linkadd.php, possibly involving origref, linkref, linktype parameters,...

4.3CVSS5.5AI score0.01518EPSS
Exploits0References8
Rows per page
Query Builder