3 matches found
Oracle E-Business Suite SQL Injection (CVE-2019-2633; CVE-2019-2638)
An SQL vulnerability exists in the Work In Process component of Oracle E-Business Suite. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements with the privileges of the APPS database user...
CVE-2019-2633
CVE-2019-2633 : Vulnerability in Oracle E-Business Suite Work in Process (Messages) affecting 12.1.1, 12.1.2, 12.1.3, 12.2.3–12.2.8. A low-privileged, network-accessible attacker (via HTTP) can compromise data in Work in Process; CVSS v3.1 base score 9.9 (CRITICAL) with C/H/I/H and A/L. Root caus...
CVE-2019-2633
Vulnerability in the Oracle Work in Process component of Oracle E-Business Suite subcomponent: Messages. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows low privileged attacker with network...