Oracle E-Business Suite SQL injection (CVE-2017-3549)

Description

Oracle EBS iesfootprint script is vulnerable to an SQL injection vulnerability, which may allow an attacker to execute malicious SQL statements in the OEBS database server.

Remediation

Upgrade to the latest version of Oracle E-Business Suite

References

[ERPSCAN-17-021] SQL Injection in E-Business Suite IESFOOTPRINT

Related Vulnerabilities

WordPress Plugin SP Rental Manager SQL Injection (1.5.3)

WordPress Plugin Google Analytics Dashboard SQL Injection (2.0.4)

WordPress Plugin Google Doc Embedder SQL Injection (2.5.14)

WordPress Plugin WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection-StopBadBots SQL Injection (6.59)

WordPress Plugin Plugmatter Optin Feature Box Multiple SQL Injection Vulnerabilities (2.0.13)

Severity

High

Classification

CWE-89 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N