8 matches found
CVE-2017-3549
CVE-2017-3549 affects Oracle E-Business Suite (Scripting Administration) with an SQL injection in iesfootprint.jsp. Affected versions include 12.2.3 (and 12.1.1–12.1.3 and 12.2.3–12.2.6 per the April 2017 CPU). The vulnerability permits unauthenticated, network-based access via HTTP to read/modif...
CVE-2021-2091
CVE-2021-2091 affects Oracle E-Business Suite Oracle Scripting (Miscellaneous) and is documented across multiple sources. Affected versions are 12.1.1–12.1.3 and 12.2.3–12.2.10. The flaw allows an unauthenticated attacker who can reach Oracle Scripting over HTTP to compromise data; attacks may re...
CVE-2021-2029
CVE-2021-2029 affects Oracle E-Business Suite, specifically the Oracle Scripting component. The vulnerability impacts affected E-Business Suite versions 12.1.1–12.1.3 and 12.2.3–12.2.8, and is exploitable by an unauthenticated attacker over HTTP with network access to compromise Oracle Scripting,...
CVE-2018-2997
CVE-2018-2997 affects Oracle E-Business Suite, specifically the Script Author subcomponent of Oracle Scripting. Affected versions are 12.1.1, 12.1.2 and 12.1.3. The vulnerability allows an unauthenticated attacker with network access via HTTP to compromise Oracle Scripting, with human interaction...
CVE-2020-2879
CVE-2020-2879 affects Oracle E-Business Suite, Oracle Scripting (component: Miscellaneous). Affected are versions 12.1.1–12.1.3 and 12.2.3–12.2.9. The vulnerability allows an unauthenticated, network-accessible attacker over HTTP to compromise Oracle Scripting, potentially leading to unauthorized...
CVE-2020-2817
CVE-2020-2817 affects Oracle E-Business Suite Oracle Scripting (component: Miscellaneous). Affected versions are 12.1.1–12.1.3. The vulnerability can be exploited over HTTP by an unauthenticated, network-accessible attacker and requires user interaction for successful exploitation, potentially le...
CVE-2025-61753
CVE-2025-61753 affects Oracle E-Business Suite, Oracle Scripting (Miscellaneous) in versions 12.2.3–12.2.14. The Nessus entry confirms a network-accessible, unauthenticated HTTP vulnerability in Oracle Scripting that requires user interaction and can lead to unauthorized data updates/inserts/dele...
CVE-2026-21943
CVE-2026-21943 affects Oracle E-Business Suite Scripting Admin in versions 12.2.3–12.2.15. An unauthenticated attacker with network access via HTTP can compromise Oracle Scripting, with human interaction required. Impact includes unauthorized updates, inserts, deletes, and read access to Oracle S...