126 matches found
CVE-2021-2262
CVE-2021-2262 affects Oracle E-Business Suite Purchasing (Endeca) 12.1.3. The Endeca component is vulnerable, and a low-privileged attacker with network access via HTTPS can compromise Oracle Purchasing, potentially causing unauthorized creation, deletion, or modification of data or full data acc...
CVE-2021-2262
Vulnerability in the Oracle Purchasing product of Oracle E-Business Suite component: Endeca. The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle Purchasing. Successful attacks of this...
CVE-2021-2262
Vulnerability in the Oracle Purchasing product of Oracle E-Business Suite component: Endeca. The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle Purchasing. Successful attacks of this...
Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2021-37714)
Oracle E-Business Suite is an extension of the original Application ERP, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management, etc., a collection of management software, is seamlessly integrated into a management suite. Oracle Purchasing i...
Oracle E-Business Suite 安全漏洞
Oracle E-Business Suite is an extension of the original Application ERP, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management, etc., a collection of management software, is seamlessly integrated into a management suite. Oracle Purchasing i...
February 9, 2021—KB4601360 (Monthly Rollup)
February 9, 2021—KB4601360 Monthly Rollup IMPORTANT Verify that you have installed the required updates listed in the How to get this update section before installing this update. Customers who have purchased the Extended Security Update ESU for on-premises versions of this OS must follow the...
File Upload Vulnerability in Kaixin Procurement System
Qixing Purchasing System is a system for material purchasing and management, which is developed using ASP.NET language. A file upload vulnerability exists in the Qixing Procurement System. An attacker can exploit the vulnerability to upload a webshell and gain server privileges...
Lock and Code S1Ep15: Safely using Google Chrome Extensions with Pieter Arntz
This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Pieter Arntz, malware intelligence researcher for Malwarebytes, about Google Chrome extensions. These sometimes helpful online tools that work directly...
SQL Injection Vulnerability in Purchase 31.0, a Purchasing System of Shanghai Tsuen Lu Software Development Studio
Founded in 2010, Kaixin Studio has been focusing on enterprise applications and constantly updating its products. A SQL injection vulnerability exists in the purchasing system purchase 31.0, which can be exploited by attackers to obtain sensitive information from the database...
The vulnerability of the Purchasing component in the Oracle PeopleSoft Enterprise SCM Purchasing application allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Purchasing component in Oracle PeopleSoft Enterprise SCM Purchasing is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information using the HTTP protocol...
purchasingcrossing.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1174415 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website...
Oracle PeopleSoft Products PeopleSoft Enterprise SCM Purchasing Unauthorized Operation Vulnerability
Oracle PeopleSoft Products is a set of enterprise human capital management solutions from Oracle Oracle. The product provides human capital management, financial management, supplier relationship management and other functions. A security vulnerability exists in the Purchasing component of...
Oracle PeopleSoft Products PeopleSoft Enterprise SCM Purchasing Unauthorized Access Vulnerability
Oracle PeopleSoft's PeopleSoft is an enterprise supply chain procurement product from Oracle USA. An unauthorized access vulnerability exists in Oracle PeopleSoft Products PeopleSoft Enterprise SCM Purchasing, which can be exploited by an attacker to cause unauthorized access to critical data or...
CVE-2020-2906
Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft component: Supplier Change. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM...
CVE-2020-2899
Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft component: Purchasing. The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM...
CVE-2020-2906
Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft component: Supplier Change. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM...
CVE-2020-2899
Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft component: Purchasing. The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM...
Code injection
Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft component: Purchasing. The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM...
CVE-2020-2906
Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft component: Supplier Change. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM...
CVE-2020-2906
CVE-2020-2906 affects Oracle PeopleSoft, specifically the PeopleSoft Enterprise SCM Purchasing component (Supplier Change) version 9.2. The vulnerability allows a low-privilege, unauthenticated attacker with network access over HTTP to gain unauthorized access to data within PeopleSoft SCM Purcha...