Lucene search
K

4 matches found

0day.today
0day.today
added 2017/05/20 12:0 a.m.95 views

Oracle PeopleSoft - Server-Side Request Forgery Vulnerability

Exploit for java platform in category web applications Application: Oracle PeopleSoft Versions Affected: ToolsRelease: 8.55.03; ToolsReleaseDB: 8.55; PeopleSoft HCM 9.2 Vendor URL: http://oracle.com Bugs: SSRF Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017...

6.4CVSS6.8AI score0.09636EPSS
Exploits5
Exploit DB
Exploit DB
added 2017/05/19 12:0 a.m.73 views

Oracle PeopleSoft - Server-Side Request Forgery

Application: Oracle PeopleSoft Versions Affected: ToolsRelease: 8.55.03; ToolsReleaseDB: 8.55; PeopleSoft HCM 9.2 Vendor URL: http://oracle.com Bugs: SSRF Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Author: Roman Shalymov...

6.5CVSS6.8AI score0.09636EPSS
Exploits5
Cvelist
Cvelist
added 2017/04/24 7:0 p.m.34 views

CVE-2017-3546

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: MultiChannel Framework. Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromis...

5.4AI score0.09636EPSS
Exploits5References5
CVE
CVE
added 2017/04/24 7:0 p.m.75 views

CVE-2017-3546

CVE-2017-3546 affects Oracle PeopleSoft Tools (MultiChannel Framework), specifically SSRF in IMServlet for ToolsRelease 8.55.x (ToolsReleaseDB 8.55; HCM 9.2). Connected docs show SSRF allows remote attacker over network to cause cross-site requests, enabling potentially unauthorized access or por...

6.5CVSS5.3AI score0.09636EPSS
Exploits5References5Affected Software1
Rows per page
Query Builder