2 matches found
CVE-2022-50795 SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Conditional Command Injection via traceroute.php
SOUND4 IMPACT/FIRST/PULSE/Eco =2.x contains a conditional command injection vulnerability that allows local authenticated users to create malicious files in the /tmp directory. Unauthenticated attackers can execute commands by making a single HTTP POST request to the traceroute.php script, which...
PT-2005-3221 · Oracle · Oracle Forms
Name of the Vulnerable Software and Affected Versions: Oracle Forms versions 9.0.4 Description: The issue allows local users to obtain sensitive database information because database usernames and passwords are stored in a temporary file that is not properly deleted after use. Recommendations: Fo...