Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
business portal vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2013-3788
Unspecified vulnerability in the Oracle iSupplier Portal component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote malicious users to affect integrity via unknown vectors related to Supplier Management.
Oracle E-business Suite 12.1.1
Oracle E-business Suite 12.1.2
Oracle E-business Suite 11.5.10.2
Oracle E-business Suite 12.0.6
Oracle E-business Suite 12.1.3
5
CVSSv2
CVE-2008-3988
Unspecified vulnerability in the iSupplier Portal component in Oracle E-Business Suite 11.5.10.2 and 12.0.4 allows remote malicious users to affect confidentiality via unknown vectors.
Oracle E-business Suite 11.5
Oracle E-business Suite 10.2
Oracle E-business Suite 12.0.4
5
CVSSv2
CVE-2015-2615
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.0.6, 12.1.3, and 12.2.3 allows remote malicious users to affect confidentiality via unknown vectors related to Portal.
Oracle E-business Suite 12.2.3
Oracle E-business Suite 12.1.3
Oracle E-business Suite 12.0.6
3.5
CVSSv2
CVE-2013-0581
Multiple cross-site scripting (XSS) vulnerabilities in IBM Business Process Manager (BPM) 7.5.1.x, 8.0.0.x, and 8.0.1 before FP1 allow remote authenticated users to inject arbitrary web script or HTML via vectors involving (1) ProcessPortal/jsp/socialPortal/dashboard.jsp, (2) tea...
Ibm Business Process Manager 7.5.1.0
Ibm Business Process Manager 7.5.1.1
Ibm Business Process Manager 8.0.0.0
Ibm Business Process Manager 8.0.1.0
6.8
CVSSv2
CVE-2015-4851
Unspecified vulnerability in the Oracle iSupplier Portal component in Oracle E-Business Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote malicious users to affect confidentiality, integrity, and availability via vectors related to XML input. NOTE: the previous information i...
Oracle E-business Suite 12.2.3
Oracle E-business Suite 12.2.4
Oracle E-business Suite 12.0.6
Oracle E-business Suite 12.1.3
7.5
CVSSv2
CVE-2006-0552
Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB11.
Oracle Application Server 10.1.2.0.0
Oracle Application Server 10.1.2.0.1
Oracle Application Server 9.0.4.2
Oracle Collaboration Suite 10.1.1
Oracle Developer Suite 9.0.2.1
Oracle Developer Suite 9.0.4.1
Oracle E-business Suite 11.5.5
Oracle E-business Suite 11.5.6
Oracle Oracle10g Enterprise 10.1.0.4
Oracle Oracle10g Personal 10.1.0.3
Oracle Oracle10g Personal 10.1.0.4
Oracle Oracle8i Standard 8.0.6
Oracle Oracle8i Standard 8.0.6.3
Oracle Peoplesoft Enterprise Portal 8.4
Oracle Peoplesoft Enterprise Portal 8.8
Oracle 10g Enterprise Manager Grid Control 10.1 .0.4
Oracle Application Server 1.0.2.2
Oracle Application Server 10.1.2.0.2
Oracle Application Server 10.1.2.1.0
Oracle Database Server 8.0.6
Oracle Database Server 8.0.6.3
Oracle E-business Suite 11.5.10
7.8
CVSSv2
CVE-2007-0923
buscador/buscador.htm in Portal Search allows remote malicious users to obtain sensitive information (business logic) via a query string composed of a search for certain characters.
Radical Technologies Portal Search
7.5
CVSSv2
CVE-2019-10173
It was found that xstream API version 1.4.10 prior to 1.4.11 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote malicious user to run arbitrary shell commands when unmarshalling XML or any support...
Xstream Project Xstream 1.4.10
Oracle Banking Platform 2.4.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.2.0.2.0
Oracle Utilities Framework 2.2.0.0.0
Oracle Endeca Information Discovery Studio 3.2.0
Oracle Utilities Framework 4.4.0.0.0
Oracle Communications Unified Inventory Management 7.4.0
Oracle Retail Xstore Point Of Service 17.0
Oracle Utilities Framework
Oracle Communications Diameter Signaling Router
Oracle Communications Unified Inventory Management 7.3.0
Oracle Banking Platform
Oracle Communications Billing And Revenue Management Elastic Charging Engine 11.3.0.9.0
Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0.0.3.0
Oracle Business Activity Monitoring 12.2.1.3.0
Oracle Business Activity Monitoring 11.1.1.9.0
Oracle Endeca Information Discovery Studio 3.2.0.0
Oracle Banking Platform 2.7.1
Oracle Banking Platform 2.9.0
2 Github repositories
5
CVSSv2
CVE-2018-3246
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to c...
Oracle Weblogic Server 12.1.3.0.0
Oracle Communications Converged Application Server
Oracle Webcenter Portal 12.2.1.3.0
Oracle Retail Convenience And Fuel Pos Software 2.8.1
Oracle Utilities Network Management System 2.3.0.2
Oracle Business Process Management Suite 11.1.1.9.0
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Enterprise Repository 12.1.3.0.0
Oracle Banking Platform 2.6.1
Oracle Banking Platform 2.6.2
Oracle Utilities Network Management System 1.12.0.3
Oracle Utilities Network Management System 2.3.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Communications Webrtc Session Controller
Oracle Webcenter Portal 11.1.1.9.0
Oracle Weblogic Server 12.2.1.3
Oracle Banking Platform 2.6.0
Oracle Utilities Network Management System 2.3.0.1
NA
CVE-2023-21825
Vulnerability in the Oracle iSupplier Portal product of Oracle E-Business Suite (component: Supplier Management). Supported versions that are affected are 12.2.6-12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Or...
Oracle Isupplier Portal
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »