Description

Oracle EBS iesfootprint script is vulnerable to an SQL injection vulnerability, which may allow an attacker to execute malicious SQL statements in the OEBS database server.

Remediation

Upgrade to the latest version of Oracle E-Business Suite

References

[ERPSCAN-17-021] SQL Injection in E-Business Suite IESFOOTPRINT

Related Vulnerabilities

WordPress Plugin Search Everything SQL Injection (8.1.6)

WordPress Plugin WP-Testimonials SQL Injection (3.4.1)

WordPress Plugin Pods-Custom Content Types and Fields SQL Injection (2.5.1.1)

WordPress Plugin ProPlayer 'pp_playlist_id' Parameter SQL Injection (4.7.7)

WordPress Plugin wpDataTables-WordPress Data Table, Dynamic Tables & Table Charts Multiple Vulnerabilities (1.2.2)

Severity

High

Classification

CWE-89 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Tags

Acumonitor SQL Injection