269 matches found
Design/Logic Flaw
Unspecified vulnerability in the Oracle Commerce Platform component in Oracle Commerce Platform 9.4, 10.0, and 10.2 allows remote attackers to affect integrity via vectors related to Dynamo Application Framework - HTML Admin User Interface...
CVE-2015-0495
CVE-2015-0495 affects Oracle Commerce Platform 3.x and 11.x; vulnerability in the Workbench component of Oracle Commerce Guided Search/Commerce Experience Manager enables remote arbitrary code execution (CNVD-2015-02593) and Oracle Endeca Workbench handling (ZDI-15-146). Root cause centers on vul...
CVE-2015-0510
Oracle Commerce Platform (9.4, 10.0, 10.2) is affected by a vulnerability in the Dynamo Application Framework – HTML Admin User Interface. The issue, described in connected CNVD data, allows a remote attacker to update, insert, or delete data, compromising data integrity. The root cause details a...
Oracle Patch Update Delivers 98 Fixes
Released alongside patches from Microsoft and Adobe yesterday, Oracle’s regularly scheduled Critical Patch Update fixed 98 issues across a handful of products, including Oracle’s Database, Fusion Middleware, Java SE, and MySQL, to name a few. One of the most pressing issues the update resolves is...
Multiple SQL Injection Vulnerabilities in ZeusCart
ZeusCart is an open source PHP and Mysql based e-commerce platform. ZeusCart has multiple SQL injection vulnerabilities that can be exploited by remote attackers to execute arbitrary SQL commands...
Microsoft Commerce Server Installed
Microsoft Commerce Server, an e-commerce platform running on .NET, is installed on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid58650; scriptversion"1.11"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/10/10";...
SQL Injection Vulnerability in Batavi 1.1.2
Information -------------------- Name : SQL Injection Vulnerability in Batavi Software : Batavi 1.1.2 and possibly below. Vendor Homepage : http://www.batavi.org Vulnerability Type : SQL Injection Severity : Critical Researcher : Onur Y?lmaz Advisory Reference : NS-12-003 Description...
Batavi 1.1.2 SQL Injection
Information -------------------- Name : SQL Injection Vulnerability in Batavi Software : Batavi 1.1.2 and possibly below. Vendor Homepage : http://www.batavi.org Vulnerability Type : SQL Injection Severity : Critical Researcher : Onur Yılmaz Advisory Reference : NS-12-003 Description...
BluePay Manager v2.0 Script Insertion Vulnerability
BluePay Manager v2.0 Script Insertion Vulnerability Vuln. discovered by : r0t Date: 18 april 2006 vendor:bluepay.com affected versions:v2.0 and previous orginal advisory: http://pridels.blogspot.com/2006/04/bluepay-manager-v20-script-insertion.html Vuln. description: Input passed to the "Account...