Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Oracle Subscribe
Filtered by product Application Server Discussion Forum Portlet
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2005-4550 1 Oracle 1 Application Server Discussion Forum Portlet 2017-07-19 5.0 MEDIUM N/A
The PORTAL schema in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote attackers to obtain the source code for arbitrary JSP and other files via a df_next_page parameter with a trailing null byte (%00).
CVE-2005-4549 1 Oracle 1 Application Server Discussion Forum Portlet 2016-10-17 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote attackers to inject arbitrary web script or HTML via the (1) RowKeyValue parameter in the PORTAL schema; and the (2) title and (3) content input fields when creating an forum article.