CVSS: 8.5EPSS: 0%CPEs: 65EXPL: 0CVE-2008-4014
https://notcve.org/view.php?id=CVE-2008-4014
14 Jan 2009 — Unspecified vulnerability in the Oracle BPEL Process Manager component in Oracle Application Server allows remote authenticated users to affect confidentiality and integrity via unknown vectors. Vulnerabilidad sin especificar en el componente Oracle BPEL Process Manager en Oracle Application Server None permite a usuarios remotamente autentificados afectar la confidencialidad e integridad mediante vectores desconocidos. • http://secunia.com/advisories/33525 •
CVSS: 6.1EPSS: 1%CPEs: 2EXPL: 1CVE-2007-3553 – Oracle Rapid Install Web Server - Secondary Login Page Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2007-3553
03 Jul 2007 — Cross-site scripting (XSS) vulnerability in Rapid Install Web Server in Oracle Application Server 11i allows remote attackers to inject arbitrary web script or HTML via a URL to the "Secondary Login Page", as demonstrated using (1) pls/ and (2) pls/MSBEP004/. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Rapid Install Web SErver de Oracle Application Server 11i permite a ... • https://www.exploit-db.com/exploits/30256 •
CVSS: 10.0EPSS: 4%CPEs: 5EXPL: 0CVE-2004-0385
https://notcve.org/view.php?id=CVE-2004-0385
16 Apr 2004 — Heap-based buffer overflow in Oracle 9i Application Server Web Cache 9.0.4.0.0, 9.0.3.1.0, 9.0.2.3.0, and 9.0.0.4.0 allows remote attackers to execute arbitrary code via a long HTTP request method header to the Web Cache listener. NOTE: due to the vagueness of the Oracle advisory, it is not clear whether there are additional issues besides this overflow, although the advisory alludes to multiple "vulnerabilities." • http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0078.html •