Zomato: Blind XSS - Report review - Admin panel

Introduction In the Zomato Business app there is the functionality to report a review and give additional details as to why you did report the review. Because I knew this reason would be read by Zomato admins I did insert a blind XSS payload here, which ended up executing on...

CVE-2003-1116

The communications protocol for the Report Review Agent RRA, aka FND File Server FNDFS program, in Oracle E-Business Suite 10.7, 11.0, and 11.5.1 to 11.5.8 allows remote attackers to bypass authentication and obtain sensitive information from the Oracle Applications Concurrent Manager by spoofing...

CVE-2003-1116

The CVE-2003-1116 entry concerns Oracle E-Business Suite components: Report Review Agent (RRA), also called FNDFS, in versions 10.7, 11.0, and 11.5.1 through 11.5.8. The vulnerability arises in the communications protocol used by these components, enabling remote attackers to bypass authenticatio...

Oracle E-Business Suite Report Review Agent (RRA) allows arbitrary files to be retrieved with no authentication

Overview A vulnerability in Oracle's E-Business Suite Report Review Agent RRA allows arbitrary files to be retrieved with no authentication. Description A vulnerability exists in the Oracle E-Business Suite Report Review Agent RRA. This vulnerability may allow a remote attacker to retrieve...