Vulmon
oracle scripting vulnerabilities and exploits
9.8
CVSSv3
CVE-2022-23457
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Prior to version 2.3.0.0, the default implementation of `Validator.getValidDirectoryPath(String, String, File, boolean)` may incorrectly treat the tested input string as a ...
Owasp Enterprise Security Api
Oracle Weblogic Server 12.2.1.3.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Netapp Oncommand Workflow Automation -
Netapp Active Iq Unified Manager -
6.1
CVSSv3
CVE-2022-24891
ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Prior to version 2.3.0.0, there is a potential for a cross-site scripting vulnerability in ESAPI caused by an incorrect regular expression for "onsiteURL" in the *...
Owasp Enterprise Security Api
Oracle Weblogic Server 12.2.1.3.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Netapp Oncommand Workflow Automation -
Netapp Active Iq Unified Manager -
1 Github repository
NA
CVE-2007-2119
Cross-site scripting (XSS) vulnerability in boundary_rules.jsp in the Administration Front End for Oracle Enterprise (Ultra) Search, as used in Database Server 9.2.0.8, 10.1.0.5, and 10.2.0.2, and in Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2.0 allows remote malicious u...
Oracle Application Server 10.1.2.0.2
Oracle Database Server 9.2.0.8
Oracle Database Server 10.1.0.5
Oracle Database Server 10.2.0.2
Oracle Application Server 10.1.2.2
Oracle Application Server 9.0.4.3
NA
CVE-2009-2446
Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 up to and including 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other impact via format...
Mysql Mysql 4.1.8
Oracle Mysql 4.1.9
Oracle Mysql 4.1.17
Oracle Mysql 4.1.16
Mysql Mysql 4.1.3
Oracle Mysql 4.1.22
Mysql Mysql 4.1.0
Oracle Mysql 4.1.0
Mysql Mysql 4.1.12
Mysql Mysql 4.1.13
Oracle Mysql 4.0.25
Oracle Mysql 4.0.24
Oracle Mysql 4.0.6
Oracle Mysql 4.0.1
Oracle Mysql 4.0.16
Oracle Mysql 4.0.17
Oracle Mysql 5.0.0
Oracle Mysql 5.0.11
Mysql Mysql 5.0.1
Oracle Mysql 5.0.42
Mysql Mysql 5.0.56
Oracle Mysql 5.0.32
1 EDB exploit
NA
CVE-2006-5367
Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.7 up to 11.5.10CU2 have unknown impact and remote authenticated attack vectors, aka Vuln# (1) APPS03 in Oracle Applications Framework, (2) APPS04 in Oracle Applications Technology Stack, and (3) APPS05 in Oracle...
Oracle E-business Suite 11.5.10
Oracle E-business Suite 11.7
Oracle E-business Suite 11.8
Oracle E-business Suite 11.5.9
Oracle E-business Suite 11.6
Oracle E-business Suite 11.5.10.1
Oracle E-business Suite 11.5.10.2
Oracle E-business Suite 11.5.7
Oracle E-business Suite 11.5.8
NA
CVE-2009-1975
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3 allows remote malicious users to affect confidentiality, integrity, and availability, related to the WLS Console Package.
Oracle Bea Product Suite 10.3
1 EDB exploit
NA
CVE-2005-0873
Multiple cross-site scripting (XSS) vulnerabilities in test.jsp in Oracle Reports Server 10g (9.0.4.3.3) allow remote malicious users to inject arbitrary web script or HTML via the (1) desname or (2) repprod parameter.
Oracle 10g Reports Server 9.0.4.3.3
1 EDB exploit
6.1
CVSSv3
CVE-2020-9281
A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 prior to 4.14 allows remote malicious users to inject arbitrary web script through a crafted "protected" comment (with the cke_protected syntax).
Ckeditor Ckeditor
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Drupal Drupal
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 11.1.1.9.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Webcenter Portal 12.2.1.4.0
Oracle Application Express
Oracle Jd Edwards Enterpriseone Tools
Oracle Siebel Apps - Customer Order Management
Oracle Peoplesoft Enterprise Peopletools -
Oracle Banking Enterprise Default Management 2.12.0
Oracle Banking Enterprise Default Management 2.10.0
Oracle Banking Enterprise Default Managment
Oracle Banking Enterprise Default Management 2.7.0
Oracle Banking Enterprise Default Management 2.7.1
NA
CVE-2009-4030
MySQL 5.1.x prior to 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tabl...
Mysql Mysql 5.1.23
Mysql Mysql 5.1.32
Mysql Mysql 5.1.5
Oracle Mysql 5.1
Oracle Mysql 5.1.1
Oracle Mysql 5.1.2
Oracle Mysql 5.1.3
Oracle Mysql 5.1.4
Oracle Mysql 5.1.6
Oracle Mysql 5.1.7
Oracle Mysql 5.1.8
Oracle Mysql 5.1.9
Oracle Mysql 5.1.10
Oracle Mysql 5.1.11
Oracle Mysql 5.1.12
Oracle Mysql 5.1.13
Oracle Mysql 5.1.14
Oracle Mysql 5.1.15
Oracle Mysql 5.1.16
Oracle Mysql 5.1.17
Oracle Mysql 5.1.18
Oracle Mysql 5.1.19
6.1
CVSSv3
CVE-2020-11023
In jQuery versions greater than or equal to 1.0.3 and prior to 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted c...
Jquery Jquery
Debian Debian Linux 9.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Drupal Drupal
Oracle Weblogic Server 12.1.3.0.0
Oracle Hyperion Financial Reporting 11.1.2.4
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Communications Operations Monitor 3.4
Oracle Weblogic Server 12.2.1.4.0
Oracle Webcenter Sites 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Communications Interactive Session Recorder
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
Oracle Communications Element Manager 8.1.1
Oracle Application Express
Oracle Rest Data Services 12.2.0.1
Oracle Rest Data Services 12.1.0.2
13 Github repositories