Vulnerabilities > CVE-2014-0379 - HTML Injection vulnerability in Oracle products
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0.x, 7.3.1.x, 12.2.0, 12.2.1, and 12.2.2 allows remote attackers to affect integrity via unknown vectors related to DM Others.
Vulnerable Configurations
Exploit-Db
description | Oracle Demantra 12.2.1 - Stored XSS Vulnerability. CVE-2014-0379. Webapps exploit for windows platform |
file | exploits/windows/webapps/31994.txt |
id | EDB-ID:31994 |
last seen | 2016-02-03 |
modified | 2014-03-01 |
platform | windows |
port | 8080 |
published | 2014-03-01 |
reporter | Portcullis |
source | https://www.exploit-db.com/download/31994/ |
title | Oracle Demantra 12.2.1 - Stored XSS Vulnerability |
type | webapps |
Packetstorm
data source | https://packetstormsecurity.com/files/download/125486/oracledemantra-storedxss.txt |
id | PACKETSTORM:125486 |
last seen | 2016-12-05 |
published | 2014-03-02 |
reporter | Oliver Gruskovnjak |
source | https://packetstormsecurity.com/files/125486/Oracle-Demantra-12.2.1-Stored-Cross-Site-Scripting.html |
title | Oracle Demantra 12.2.1 Stored Cross Site Scripting |