Lucene search
K

3 matches found

seebug.org
seebug.org
added 2007/01/24 12:0 a.m.22 views

Oracle Reports Web Cartridge (RWCGI60)跨站脚本执行漏洞

Oracle应用服务器是一个综合解决方案,用于开发、集成和部署企业的应用系统、门户和网站。 Oracle应用服务Reports Web Cartridge在处理用户请求时存在输入验证漏洞,远程攻击者可能利用此漏洞在用户浏览器中执行恶意脚本代码。 在使用Oracle应用服务器处理Web客户端请求时,报表服务器必需Reports Web CGI或Web Cartridge。由于没有正确验证genuser参数,远程攻击者可以在输入中注入任意脚本并在客户端浏览器中执行。这一漏洞在认证表单中尤其严重,因为恶意用户可以通过这种攻击获得其他用户的认证凭据。 Oracle Application...

7AI score
Exploits0
Prion
Prion
added 2007/01/17 2:28 a.m.20 views

Cross site scripting

Cross-site scripting XSS vulnerability in Oracle Reports Web Cartridge RWCGI60 in the Workflow Cartridge component, as used in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; Collaboration Suite 10.1.2; and Oracle E-Business Suite and...

3.5CVSS5.2AI score0.01224EPSS
Exploits5References8Affected Software4
Cvelist
Cvelist
added 2007/01/17 2:0 a.m.28 views

CVE-2007-0275

Cross-site scripting XSS vulnerability in Oracle Reports Web Cartridge RWCGI60 in the Workflow Cartridge component, as used in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; Collaboration Suite 10.1.2; and Oracle E-Business Suite and...

7.3AI score0.01224EPSS
Exploits5References8
Rows per page
Query Builder