Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Oracle E-Business Suite SQL injection (CVE-2017-3549) - Vulnerability Database

Oracle E-Business Suite SQL injection (CVE-2017-3549)

Description

Oracle EBS iesfootprint script is vulnerable to an SQL injection vulnerability, which may allow an attacker to execute malicious SQL statements in the OEBS database server.

Remediation

Upgrade to the latest version of Oracle E-Business Suite

References

[ERPSCAN-17-021] SQL Injection in E-Business Suite IESFOOTPRINT

Related Vulnerabilities

Ivanti EPM SQLi RCE (CVE-2024-29824) High
Common tags: Acumonitor Sql Injection Known Vulnerabilities
SQL Injection in Symphony High
Common tags: Sql Injection Known Vulnerabilities
Joomla! 1.7/2.5 SQL injection vulnerability High
Common tags: Sql Injection Known Vulnerabilities
Ruby on Rails DoubleTap RCE (CVE-2019-5420) High
Common tags: Acumonitor Known Vulnerabilities
GeoServer SQLi (CVE-2023-25157) High
Common tags: Sql Injection Known Vulnerabilities

Severity

High

Classification

CVE-2017-3549
CWE-89
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Tags

Acumonitor
Sql Injection
Known Vulnerabilities