Vulnerabilities > CVE-2014-0379 - HTML Injection vulnerability in Oracle products

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
oracle
exploit available

Summary

Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0.x, 7.3.1.x, 12.2.0, 12.2.1, and 12.2.2 allows remote attackers to affect integrity via unknown vectors related to DM Others.

Exploit-Db

descriptionOracle Demantra 12.2.1 - Stored XSS Vulnerability. CVE-2014-0379. Webapps exploit for windows platform
fileexploits/windows/webapps/31994.txt
idEDB-ID:31994
last seen2016-02-03
modified2014-03-01
platformwindows
port8080
published2014-03-01
reporterPortcullis
sourcehttps://www.exploit-db.com/download/31994/
titleOracle Demantra 12.2.1 - Stored XSS Vulnerability
typewebapps

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/125486/oracledemantra-storedxss.txt
idPACKETSTORM:125486
last seen2016-12-05
published2014-03-02
reporterOliver Gruskovnjak
sourcehttps://packetstormsecurity.com/files/125486/Oracle-Demantra-12.2.1-Stored-Cross-Site-Scripting.html
titleOracle Demantra 12.2.1 Stored Cross Site Scripting