Oracle Supply Chain Products Suite CVE-2014-0372 Multiple SQL Injection Vulnerabilities

Oracle Supply Chain Products Suite is prone to multiple SQL-injection vulnerabilities in Oracle Demantra Demand Management.

The vulnerability can be exploited over the 'HTTP' protocol. The 'DM Others' sub component is affected.

Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

This vulnerability affects the following supported versions:
7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.1, 12.2.2


 

Privacy Statement
Copyright 2010, SecurityFocus