18 matches found
EUVD-2021-16576
Malware in sbrugna...
CVE-2024-56002
Missing Authorization vulnerability in mightyforms Contact Form, Survey & Form Builder – MightyForms mightyforms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form, Survey & Form Builder – MightyForms: from n/a through = 1.3.9...
CVE-2021-2117
Vulnerability in the Oracle Application Express Survey Builder component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HTTP to compromi...
Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Sourcing
Summary Multiple Oracle database server security vulnerabilities affect IBM Emptoris Sourcing. Vulnerability Details CVEID: CVE-2021-2045 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Text component could allow an authenticated attacker to cause a denial of...
Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Supplier Lifecycle Mgmt
Summary Multiple Oracle database server security vulnerabilities affect IBM Emptoris Supplier Lifecycle Management. Vulnerability Details CVEID: CVE-2021-2045 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Text component could allow an authenticated attacker to...
Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Program Management
Summary Multiple Oracle Database server security vulnerabilities affect IBM IBM Emptoris Program Management. Vulnerability Details CVEID: CVE-2021-2045 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Text component could allow an authenticated attacker to cause ...
Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Contract Management
Summary Multiple Oracle database server security vulnerabilities affect IBM Emptoris Contract Management. Vulnerability Details CVEID: CVE-2021-2045 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Text component could allow an authenticated attacker to cause a...
The vulnerability of the Oracle Application Express Survey Builder component of the Oracle Database Server database management system allows attackers to perform cross-site scripting attacks.
The vulnerability of the Oracle Application Express Survey Builder component of the Oracle Database Server database management system is related to the lack of protective measures for the web page structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting...
CVE-2021-2117
Vulnerability in the Oracle Application Express Survey Builder component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HTTP to compromi...
CVE-2021-2117
Vulnerability in the Oracle Application Express Survey Builder component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HTTP to compromi...
Design/Logic Flaw
Vulnerability in the Oracle Application Express Survey Builder component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HTTP to compromi...
CVE-2021-2117
Vulnerability in the Oracle Application Express Survey Builder component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HTTP to compromi...
CVE-2021-2117
Vulnerability in the Oracle Application Express Survey Builder component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HTTP to compromi...
CVE-2021-2117
CVE-2021-2117 affects Oracle Database Server’s Application Express Survey Builder; vulnerable in all supported Oracle versions prior to 20.2. An authenticated, low-privilege user with network access via HTTP can exploit this vulnerability, with user interaction required, to potentially read and m...
Oracle Database Server Authorization Issues Vulnerability (CNVD-2021-08531)
Oracle Database Server is the United States Oracle Oracle a set of relational database management system. The database management system provides data management, distributed processing and other functions. Application Express APEX, formerly known as HTML DB is one of the Web applications for the...
Oracle Database Server 组件安全漏洞
Oracle Database Server is the United States Oracle Oracle a set of relational database management system. The database management system provides data management, distributed processing and other functions. Application Express APEX, formerly known as HTML DB is one of the Web applications for the...
SA-CONTRIB-2014-115 - Form Builder - Cross-Site Scripting (XSS)
The Form Builder module enables users to build entire Form API structures through a graphical, AJAX-like interface. The module doesn't sufficiently sanitize form titles in some cases. This vulnerability is mitigated by the fact that an attacker must have a role with the permission to create forms...
SA-CONTRIB-2014-091 - Survey Builder - Cross Site Scripting (XSS)
This module allows you to use the Form Builder module to provide an intuitive interface for building surveys, along with the back-end for storing surveys and their responses. Cross Site Scripting XSS When viewing surveys at "/surveys", the survey titles printed out are not sanitized. Any...