Vulnerabilities > Oracle > Data Integrator

DATE CVE VULNERABILITY TITLE RISK
2018-05-22 CVE-2018-9019 SQL Injection vulnerability in multiple products
SQL Injection vulnerability in Dolibarr before version 7.0.2 allows remote attackers to execute arbitrary SQL commands via the sortfield parameter to /accountancy/admin/accountmodel.php, /accountancy/admin/categories_list.php, /accountancy/admin/journals_list.php, /admin/dict.php, /admin/mails_templates.php, or /admin/website.php.
network
low complexity
dolibarr oracle CWE-89
critical
9.8
2018-02-22 CVE-2018-7318 SQL Injection vulnerability in multiple products
SQL Injection exists in the CheckList 1.1.1 component for Joomla! via the title_search, tag_search, name_search, description_search, or filter_order parameter.
network
low complexity
belitsoft oracle CWE-89
critical
9.8
2017-04-06 CVE-2015-8965 Permissions, Privileges, and Access Controls vulnerability in multiple products
Rogue Wave JViews before 8.8 patch 21 and 8.9 before patch 1 allows remote attackers to execute arbitrary Java code that exists in the classpath, such as test code or administration code.
network
low complexity
perforce oracle CWE-264
critical
9.8
2017-01-30 CVE-2017-5611 SQL Injection vulnerability in multiple products
SQL injection vulnerability in wp-includes/class-wp-query.php in WP_Query in WordPress before 4.7.2 allows remote attackers to execute arbitrary SQL commands by leveraging the presence of an affected plugin or theme that mishandles a crafted post type name.
network
low complexity
wordpress debian oracle CWE-89
critical
9.8
2016-10-25 CVE-2016-5618 Information Exposure vulnerability in Oracle Data Integrator
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.2.0.0, 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality via vectors related to Code Generation Engine.
network
high complexity
oracle CWE-200
3.1
2016-10-25 CVE-2016-5602 Information Exposure vulnerability in Oracle Data Integrator
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality via vectors related to Code Generation Engine.
network
low complexity
oracle CWE-200
5.7