10504 matches found
Schneider Electric EcoStruxure Operator Terminal Expert
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Low skill level to exploit/public exploits are available Vendor: Schneider Electric Equipment: EcoStruxure Operator Terminal Expert Vulnerabilities: SQL Injection, Path Traversal, Argument Injection 2. RISK EVALUATION Successful exploitation of these...
The vulnerability of the Customer Search sub-component of the Oracle Email Center component in the Oracle E-Business Suite enterprise automation system allows a malicious actor to gain access to and modify data.
The vulnerability of the Customer Search sub-component of the Oracle Email Center component in the Oracle E-Business Suite enterprise automation system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to...
The vulnerability of the sub-component “Attachments/File Upload” in Oracle Applications Framework of the Oracle E-Business Suite allows a perpetrator to modify data.
The vulnerability of the Attachments/File Upload sub-component in Oracle Applications Framework of the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete dat...
The vulnerability of the Profile sub-component of the Oracle iSupport component in the Oracle E-Business Suite enterprise automation system allows a perpetrator to gain access to read data and modify that data.
The vulnerability of the Profile sub-component of the Oracle iSupport component in the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to gain access to read, modify, add, or delete data through HTT...
The vulnerability of the OTA Training Activities sub-component of the Oracle Learning Management component in the Oracle E-Business Suite system allows a malicious user to gain access to and modify data.
The vulnerability of the OTA Training Activities sub-component of the Oracle Learning Management component in the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to gain access to read, modify, add, or delete data...
The vulnerability of the User Interface sub-component of the Oracle Advanced Outbound Telephony component in the Oracle E-Business Suite allows a perpetrator to gain access to and modify data.
The vulnerability of the User Interface sub-component of the Oracle Advanced Outbound Telephony component in the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to gain access to read, modify, add, ...
The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain access to modify, add, or delete data.
The vulnerability of the Core component of the Oracle VM VirtualBox software is related to lack of access control. Exploiting this vulnerability can allow an attacker to modify, add, or delete data...
The vulnerability of the Preferences sub-component of the Oracle CRM Technical Foundation component of the Oracle E-Business Suite allows a perpetrator to gain access to and modify data.
The vulnerability of the Preferences sub-component of the Oracle CRM Technical Foundation component of the Oracle E-Business Suite system relates to the lack of protection for operational data. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to read,...
The vulnerability of the Marketing Administration sub-component of the Oracle Marketing component in the Oracle E-Business Suite system, which allows a malicious actor to gain read access to data and modify it.
The vulnerability of the Marketing Administration sub-component of the Oracle Marketing component in the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to gain access to read, modify, add, or delet...
The vulnerability of the Attribute Admin Setup sub-component of the Oracle Partner Management component in the Oracle E-Business Suite system allows a malicious actor to gain access to and modify data.
The vulnerability of the Attribute Admin Setup sub-component of the Oracle Partner Management component in the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add, or...
The vulnerability of the Outcome-Result component of the Oracle Customer Interaction History software in the Oracle E-Business Suite, a business automation system, allows a malicious individual to gain access to modify, add, or delete data.
The vulnerability of the Outcome-Result component of the Oracle Customer Interaction History software in the Oracle E-Business Suite involves deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add, or delete data...
The vulnerability of the Hierarchy Diagrammers component of the Oracle Human Resources software allows a hacker to gain access to modify, add, or delete data, or to unauthorizedly access protected information.
The vulnerability of the Hierarchy Diagrammers component in Oracle Human Resources software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker operating remotely to modify, add, or delete data, or gain unauthorized access to protected information...
The vulnerability of the Preferences component of the Oracle CRM system’s customer relationship management module. The Oracle E-Business Suite technical foundation for automating business processes, allowing attackers to access, modify, add, or delete data.
The vulnerability of the Preferences component of the Oracle CRM system’s customer relationship management module is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data using the HTTP protocol...
The vulnerability of the Diagnostics component of the Oracle Applications Framework software, a part of the Oracle E-Business Suite, allows an intruder to access, modify, add, or delete data, or to gain unauthorized access to protected information.
The vulnerability of the Diagnostics component of the Oracle Applications Framework, a part of the Oracle E-Business Suite, relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized...
The vulnerability of the Discovery Framework component (Oracle OHS) within the Enterprise Manager Base Platform allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.
The vulnerability of the Discovery Framework component Oracle OHS in the Enterprise Manager Base Platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, or to unauthorizedly access protected...
CVE-2020-6243
Under certain conditions, SAP Adaptive Server Enterprise XP Server on Windows Platform, versions 15.7, 16.0, does not perform the necessary checks for an authenticated user while executing the extended stored procedure, allowing an attacker to read, modify, delete restricted data on connected...
The vulnerability of the Shopping Cart component in the Oracle iStore system, which is used for creating, managing, and personalizing online stores, allows attackers to gain access to modify, add, or delete data, as well as to unauthorizedly access protected information.
The vulnerability of the Shopping Cart component in the Oracle iStore system, which is used for creating, managing, and personalizing e-commerce stores, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to remotely gain access to modify, add, or...
The vulnerability of the KB Search component of the Oracle Email Center messaging software in the Oracle E-Business Suite, a business automation system, allows a malicious individual to access, modify, add, or delete data, or to gain unauthorized access to protected information.
The vulnerability of the KB Search component of the Oracle Email Center messaging software within the Oracle E-Business Suite system relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or to gain...
The vulnerability of the Administration component of the Oracle Marketing Encyclopedia System, a business automation system of Oracle E-Business Suite, allows an attacker to access, modify, add, or delete data, or to gain unauthorized access to protected information.
The vulnerability of the Administration component of the Oracle Marketing Encyclopedia System, a business automation system within the Oracle E-Business Suite, is related to inadequate access control mechanisms. Exploiting this vulnerability could allow an attacker to remotely gain access to...
The vulnerability of the Email Address list and Message Display components of the Oracle Email Center software, a business automation system within the Oracle E-Business Suite. This allows attackers to access, modify, add, or delete data, or gain unauthorized access to protected information.
The vulnerability of the Email Address list and Message Display components of the Oracle Email Center software, a messaging automation system within the Oracle E-Business Suite, is related to lack of access control. Exploiting this vulnerability could allow an attacker to modify, add, or delete...