Lucene search
K

4 matches found

securityvulns
securityvulns
added 2015/11/02 12:0 a.m.250 views

[ERPSCAN-15-030] Oracle E-Business Suite - XXE injection Vulnerability

ADVISORY INFORMATION Title: Oracle E-Business Suite XXE injection Advisory ID: ERPSCAN-15-030 Advisory URL: http://erpscan.com/advisories/erpscan-15-030-oracle-e-business-suite-xxe-injection-vulnerability/ Date published: 20.10.2015 Vendors contacted: Oracle 2. VULNERABILITY INFORMATION Class:...

6.8CVSS6.8AI score0.03088EPSS
Exploits0
NVD
NVD
added 2015/10/21 11:59 p.m.23 views

CVE-2015-4851

Unspecified vulnerability in the Oracle iSupplier Portal component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to XML input. NOTE: the previous information is from the October 2015...

6.8CVSS6.1AI score0.03088EPSS
Exploits0References7
CVE
CVE
added 2015/10/21 11:0 p.m.56 views

CVE-2015-4851

CVE-2015-4851 affects Oracle E-Business Suite iSupplier Portal (e.g., 12.1.3) with XML input handling vulnerability leading to possible XML External Entity (XXE) conditions. Public sources (ERPScan advisory ERPSCAN-15-030 and related vulnerability listings) describe an XXE injection vector that c...

6.8CVSS6.2AI score0.03088EPSS
Exploits0References7Affected Software1
erpscan
erpscan
added 2015/07/17 12:0 a.m.70 views

Oracle E-Business Suite - XXE injection vulnerability

Application: E-Business Suite Vendor URL: Oracle Bugs: XXE injection Reported: 17.07.2015 Vendor response: 24.07.2015 Date of Public Advisory:20.10.2015 Reference: Oracle CPU Oct 2015 Authors: Nikita Kelesis, Ivan Chalykin, Alexey Tyurin ERPScan VULNERABILITY INFORMATION Class: XML External Entit...

6.8CVSS2AI score0.03088EPSS
Exploits0
Rows per page
Query Builder