GRANDIT Session Management Vulnerability

GRANDIT is a Web-based ERP Enterprise Resource Planning system from GRANDIT Japan. The system includes functions such as sales management, financial management and human resource management. A security vulnerability exists in GRANDIT, which stems from the program not properly managing sessions. A...

CVE-2020-2585

Vulnerability in the Java SE product of Oracle Java SE component: JavaFX. The supported version that is affected is Java SE: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this...

Pagoda Linux Panel of Dongguan Baita Network Technology Co., Ltd. suffers from logic flaw vulnerability

Pagoda Linux Panel is the server management software to improve the efficiency of operation and maintenance, supports one-click LAMP/LNMP/cluster/monitoring/website/FTP/database/JAVA and more than 100 server management functions. Pagoda Linux Panel of Dongguan Beta Network Technology Co., Ltd...

ShopsN open source mall system has a logic flaw vulnerability

ShopsN open source mall system is a product of Shanghai Yiso Network Technology Co., Ltd. an enterprise-class commercial standard full-featured allow free commercial use of open source online store full network system . ShopsN open source mall system has a logic flaw vulnerability . Attackers can...

IBM Emptoris Spend Analysis SQL Injection Vulnerability (CNVD-2020-13057)

IBM Emptoris Spend Analysis is a product within IBM's suite of procurement solutions for consolidating, cleansing and categorizing spend data from decentralized systems. A SQL injection vulnerability exists in IBM Emptoris Spend Analysis versions 10.1.3.x, 10.1.1.x, and 10.1.0.x. The vulnerabilit...

The vulnerability of the Login component of the Oracle Hospitality Opera 5 software, which allows a hacker to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Oracle Hospitality Opera 5 software for managing hotel resources is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker operating remotely to modify, add, or delete data, or gain unauthorized access to protected information usi...

The vulnerability of the Filesystem component of the Oracle Solaris operating system allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Oracle Solaris operating system’s Filesystem component is related to access control deficiencies. Exploiting this vulnerability can allow an attacker to modify, add, or delete data, or to gain unauthorized access to protected information...

The vulnerability of the Message Display component of the Oracle Email Center software allows a malicious individual to gain access to modify, add, or delete data, or to gain unauthorized access to protected information.

The vulnerability of the Message Display component in the Oracle Email Center software lies in its lack of access control mechanisms. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, or to obtain unauthorized access to protected information usin...

The vulnerability of the Message Display component of the Oracle Email Center software allows a malicious individual to gain access to modify, add, or delete data, or to obtain unauthorized access to protected information.

The vulnerability of the Message Display component in the Oracle Email Center software lies in its lack of access control mechanisms. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, or to obtain unauthorized access to protected information usin...

The vulnerability of the PIA Core Technology component of the PeopleSoft Enterprise PeopleTools business application suite allows a hacker to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the PIA Core Technology component in the PeopleSoft Enterprise PeopleTools business application suite is related to access control deficiencies. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, or to unauthorizedly access...

The vulnerability of the Attachments/File Upload component of the Oracle Applications Framework allows a malicious actor to gain access to modify, add, or delete data.

The vulnerability of the Attachments/File Upload component of the Oracle Applications Framework is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to modify, add, or delete data using the HTTPS protocol...

The vulnerability of the Core component in Oracle iSupport’s web application allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Oracle iSupport component, a sub-component of the Core system of the Oracle E-Business Suite, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthorized...

The vulnerability of the Message Display component of the Oracle Email Center software allows a malicious individual to gain access to modify, add, or delete data, or to obtain unauthorized access to protected information.

The vulnerability of the Message Display component of the Oracle Email Center messaging software is related to lack of access control mechanisms. Exploiting this vulnerability could allow an attacker to gain access to modify, add, or delete data, or to obtain unauthorized access to protected...

CVE-2020-8611

In Progress MOVEit Transfer 2019.1 before 2019.1.4 and 2019.2 before 2019.2.1, multiple SQL Injection vulnerabilities have been found in the REST API that could allow an authenticated attacker to gain unauthorized access to MOVEit Transfer's database via the REST API. Depending on the database...

The vulnerability of the Security and Authentication component of the Oracle Business Intelligence Enterprise Edition allows a perpetrator to gain access to modify, add, or delete data, or to unauthorizedly access protected information.

The vulnerability of the Security and Authentication component of the Oracle Business Intelligence Enterprise Edition is related to deficiencies in access control. Exploitation of this vulnerability could allow an attacker, operating remotely, to modify, add, or delete data, or to gain unauthoriz...

The vulnerability of the SMB Server component of the Oracle Solaris operating system allows a perpetrator to gain access to modify, add, or delete data.

The vulnerability of the SMB Server component of the Oracle Solaris operating system is related to lack of access control mechanisms. Exploiting this vulnerability can allow an attacker to modify, add, or delete data...

The vulnerability of the Database Gateway for ODBC component in the Oracle Database Server database management system allows a hacker to gain access to modify, add, or delete data, or to cause partial service interruption.

The vulnerability of the Oracle Database Server ODBC driver’s database server lies in its lack of access control mechanisms. Exploiting this vulnerability could allow an attacker to remotely modify, add, or delete data, or cause a partial service failure using the OracleNet network protocol...

The vulnerability of the Close Manager component of the Oracle Hyperion Financial Close Management application allows a perpetrator to gain unauthorized access to modify, add, or delete data.

The vulnerability of the Close Manager component of the Oracle Hyperion Financial Close Management application relates to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to modify, add, or delete data using the...

The vulnerability of the JavaFX component of the Java SE software platform allows attackers to gain access to modify, add, or delete data.

The vulnerability of the JavaFX component of the Java SE software platform is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete data...

The vulnerability of the Enterprise Config Management component of the Enterprise Manager Base Platform allows a perpetrator to gain access to modify, add, or delete data, to unauthorizedly access protected information, or to cause a partial service failure.

The vulnerability of the Enterprise Config Management component of the Enterprise Manager Base Platform is related to resource release errors. Exploiting this vulnerability could allow an attacker operating remotely to modify, add, or delete data, gain unauthorized access to protected information...