The Oracle WebLogic WLS WSAT component is vulnerable to an XML deserialization remote code execution vulnerability. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0.
4ec37da27b4c2bc377cee005689b9de7e837a03542a60ce1130758c857cb9228SAP Hybris E-commerce Suite version 5.1.0.3 suffers from a hard-coded password vulnerability.
daf8b4bbd6787dc3c0a7457e078026f3ad9872c0941ce5b13a4f85401240fa99Oracle E-Business Suite version 12.1.3 suffers from an XXE injection vulnerability in the /OA_HTML/oramipp_lpr servlet.
de8ff071f7c958b91bd1cfd996007fd7b0ecb3dec217f9ae5e66e3d96ad27826Oracle E-Business Suite version 12.1.3 suffers from an XXE injection vulnerability in the /OA_HTML/IspPunchInServlet servlet.
6fb7e76643fd36ba0f6358346bf6ca64dbdedb6d5bcb98f6fd505aead1f86292Oracle E-Business Suite version 12.1.3 suffers from an XXE injection vulnerability in the /OA_HTML/copxml servlet.
64f773023ff0e889e6870ab0b5f1dc0367b44615f3ae94952e1f839c93009706Oracle E-Business Suite suffers from a cross site scripting vulnerability. Version 12.1.4 is affected.
330164019ca36985ae57a2a7d3254a6caf05cc6e3de339d6d2d0609cb18a4c10Oracle E-Business Suite suffers from a remote SQL injection vulnerability. Versions 12.1.3 and 12.1.4 are affected.
bed7d6cdc8769e52a8aa6079d2197b1a4a13e686111b6e01d1e0c62a2b41c50dThere is a script in EBS that is used to connect to the database and displays the connection status. Different connection results can help an attacker to find existing database accounts. Version 12.2.4 is affected.
1aa0dba66e594f4a17c1c25ee299403e80adb017253f58e948040cbe8038ad7fSAP NetWeaver suffers from a command execution vulnerability in the TH_GREP report.
c3dfd70888d86b64249ce6ffaa7d8426a73697ec5490a405e2af35c4743d2370
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed