Description
netinfiltration reported various high severity vulnerabilities (and exploits) affecting Oracle Reports. These vulnerabilities allow an attacker to dump the database passwords, view folder contents, download files, load a phishing page in the browser and even gain a remote shell.
Remediation
Currently, Oracle didn't provided any fix for these vulnerabilities.
References
Related Vulnerabilities
WordPress Plugin weForms-Easy Drag & Drop Contact Form Builder For WordPress CSV Injection (1.6.3)
WordPress Improper Input Validation Vulnerability (CVE-2008-2392)
Squid Improper Input Validation Vulnerability (CVE-2016-2390)
WordPress Plugin ThemeREX Addons Remote Code Execution (All)
WordPress Plugin DukaPress TimThumb Arbitrary File Upload (2.3.2)