4 matches found
CVE-2024-30927
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the racer-results.php component...
CVE-2024-30927
CVE-2024-30927 affects DerbyNet v9.0 and earlier, with a Cross Site Scripting vulnerability in the racer-results.php component. The issue stems from improper handling/validation of user-supplied input (notably the racerid parameter), allowing an attacker to inject arbitrary script that can be exe...
PT-2024-23677 · Derbynet · Derbynet
Name of the Vulnerable Software and Affected Versions: DerbyNet versions 9.0 and below Description: The issue allows attackers to execute arbitrary code via the racer-results.php component. This is a Cross Site Scripting vulnerability. Recommendations: For DerbyNet versions 9.0 and below, conside...
The vulnerability of the India Localization sub-component and the Results component of Oracle Payables in the Oracle E-Business Suite automation system allows a perpetrator to gain unauthorized access to the device.
The vulnerability of the India Localization sub-component and the Results component of Oracle Payables in the Oracle E-Business Suite system are related to code errors. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to the device through HTTP...