Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
business one vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2024-20936
Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Documents). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...
Oracle One-to-one Fulfillment
8
CVSSv3
CVE-2023-31403
SAP Business One installation - version 10.0, does not perform proper authentication and authorization checks for SMB shared folder. As a result, any malicious user can read and write to the SMB shared folder. Additionally, the files in the folder can be executed or be used by th...
Sap Business One 10.0
1 Article
4.3
CVSSv3
CVE-2023-41365
SAP Business One (B1i) - version 10.0, allows an authorized malicious user to retrieve the details stack trace of the fault message to conduct the XXE injection, which will lead to information disclosure. After successful exploitation, an attacker can cause limited impact on the ...
Sap Business One 10.0
7.2
CVSSv3
CVE-2023-41179
A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an malicious user to manipulate the module to execute arbitrary commands on an affected ...
Trendmicro Apex One 2019
Trendmicro Worry-free Business Security 10.0
Trendmicro Worry-free Business Security Services -
5.4
CVSSv3
CVE-2023-39437
SAP business One allows - version 10.0, allows an malicious user to insert malicious code into the content of a web page or application and gets it delivered to the client, resulting to Cross-site scripting. This could lead to harmful action affecting the Confidentiality, Integri...
Sap Business One 10.0
5.3
CVSSv3
CVE-2023-37487
SAP Business One (Service Layer) - version 10.0, allows an authenticated attacker with deep knowledge perform certain operation to access unintended data over the network which could lead to high impact on confidentiality with no impact on integrity and availability of the applic...
Sap Business One 10.0
7.5
CVSSv3
CVE-2023-33993
B1i module of SAP Business One - version 10.0, application allows an authenticated user with deep knowledge to send crafted queries over the network to read or modify the SQL data. On successful exploitation, the attacker can cause high impact on confidentiality, integrity and av...
Sap Business One 10.0
9.8
CVSSv3
CVE-2023-37470
Metabase is an open-source business intelligence and analytics platform. Prior to versions 0.43.7.3, 0.44.7.3, 0.45.4.3, 0.46.6.4, 1.43.7.3, 1.44.7.3, 1.45.4.3, and 1.46.6.4, a vulnerability could potentially allow remote code execution on one's Metabase server. The core iss...
Metabase Metabase
9.6
CVSSv3
CVE-2023-32680
Metabase is an open source business analytics engine. To edit SQL Snippets, Metabase should have required people to be in at least one group with native query editing permissions to a database–but affected versions of Metabase didn't enforce that requirement. This lack...
Metabase Metabase
5.4
CVSSv3
CVE-2022-4790
The WP Google My Business Auto Publish WordPress plugin prior to 3.4 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.
Auto Publish For Google My Business Project Auto Publish For Google My Business
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975
CVE-2024-2961
CVE-2024-20380
XML injection
HTML injection
CVE-2024-29204
CVE-2023-51795
memory leak
CVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »