Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
financial consolidation vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2016-0538
Unspecified vulnerability in the Oracle Financial Consolidation Hub component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote malicious users to affect confidentiality via unknown vectors related to Business Intelligence.
Oracle Financial Consolidation Hub 12.1.3
Oracle Financial Consolidation Hub 12.1.2
Oracle Financial Consolidation Hub 12.1.1
Oracle Financial Consolidation Hub 11.5.10.2
3.5
CVSSv2
CVE-2019-0369
SAP Financial Consolidation, prior to 10.0 and 10.1, does not sufficiently encode user-controlled inputs, which allows an malicious user to execute scripts by uploading files containing malicious scripts, leading to reflected cross site scripting vulnerability.
Sap Financial Consolidation 10.0
Sap Financial Consolidation 10.1
6.4
CVSSv2
CVE-2019-0370
Due to missing input validation, SAP Financial Consolidation, prior to 10.0 and 10.1, enables an malicious user to use crafted input to interfere with the structure of the surrounding query leading to XPath Injection.
Sap Financial Consolidation 10.0
Sap Financial Consolidation 10.1
4.3
CVSSv2
CVE-2018-2444
SAP BusinessObjects Financial Consolidation, versions 10.0, 10.1, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Businessobjects Financial Consolidation 10.1
Sap Businessobjects Financial Consolidation 10.0
5
CVSSv2
CVE-2018-2499
A security weakness in SAP Financial Consolidation Cube Designer (BOBJ_EADES fixed in versions 8.0, 10.1) may allow an malicious user to discover the password hash of an admin user.
Sap Financial Consolidation Cube Designer 10.1
Sap Financial Consolidation Cube Designer Bobj Eades 8.0
1 Article
NA
CVE-2022-41258
Due to insufficient input validation, SAP Financial Consolidation - version 1010, allows an authenticated malicious user to inject malicious script when running a common query in the Web Administration Console. On successful exploitation, an attacker can view or modify informatio...
Sap Financial Consolidation 1010
NA
CVE-2022-41260
SAP Financial Consolidation - version 1010, does not sufficiently encode user-controlled input which may allow an unauthenticated malicious user to inject a web script via a GET request. On successful exploitation, an attacker can view or modify information causing a limited impa...
Sap Financial Consolidation 1010
5
CVSSv2
CVE-2022-26104
SAP Financial Consolidation - version 10.1, does not perform necessary authorization checks for updating homepage messages, resulting for an unauthorized user to alter the maintenance system message.
Sap Financial Consolidation 10.1
NA
CVE-2022-41208
Due to insufficient input validation, SAP Financial Consolidation - version 1010, allows an authenticated attacker with user privileges to alter current user session. On successful exploitation, the attacker can view or modify information, causing a limited impact on confidential...
Sap Financial Consolidation 1010
4.3
CVSSv2
CVE-2017-14516
Cross-Site Scripting (XSS) exists in SAP Business Objects Financial Consolidation prior to 2017-06-13, aka SAP Security Note 2422292.
Sap Businessobjects Financial Consolidation -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744
privilege escalation
CVE-2024-30253
CVE-2024-3914
cross-site scripting
CVE-2024-31497
CVE-2024-3400
CVE-2024-32341
hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »