4 matches found
CVE-2024-24742 Cross-Site Scripting (XSS) vulnerability in SAP CRM (WebClient UI)
SAP CRM WebClient UI - version S4FND 102, S4FND 103, S4FND 104, S4FND 105, S4FND 106, WEBCUIF 701, WEBCUIF 731, WEBCUIF 746, WEBCUIF 747, WEBCUIF 748, WEBCUIF 800, WEBCUIF 801, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. An attacker wi...
Input validation
An Improper Check for Unusual or Exceptional Conditions in the Packet Forwarding Engine pfe of Juniper Networks Junos OS Evolved on PTX10003 Series allows an unauthenticated adjacent attacker to cause an impact to the integrity of the system. When specific transit MPLS packets are received by the...
Oracle PeopleSoft ToolsRelease / ToolsReleaseDB / HCM SSRF Vulnerabilities
Oracle PeopleSoft ToolsRelease version 8.55.03, ToolsReleaseDB version 8.55, and HCM version 9.2 suffer from a server-side request forgery vulnerability. Application: Oracle PeopleSoft Versions Affected: ToolsRelease: 8.55.03; ToolsReleaseDB: 8.55; PeopleSoft HCM 9.2 Vendor URL: http://oracle.com...
Oracle E-Business Suite 12.2.3 SQL Injection
Application: Oracle E-Business Suite Versions Affected: Oracle EBS 12.2.3 Vendor URL: http://oracle.com Bug: SQL injection Reported: 23.12.2016 Vendor response: 24.12.2016 Date of Public Advisory: 18.04.2017 Reference: Oracle CPU April 2017 Author: Dmitry Chastuhin ERPScan Description 1. ADVISORY...