Vulnerability Name
Classifications
Severity
Code Execution via File Upload
PCI v3.2-6.5.1, CAPEC-210, CWE-94, HIPAA-164.306(a), ISO27001-A.14.2.5, WASC-42, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Critical
Oracle EBS – Unauthenticated Remote Code Execution
PCI v3.2-6.5.1, CAPEC-210, CWE-94, HIPAA-164.306(a), ISO27001-A14.2.5, WASC-42, OWASP 2013-A1, OWASP 2017-A1
Critical
Reflected File Download
PCI v3.2-6.5.1, CAPEC-375, CWE-840, ISO27001-A.14.2.5, WASC-42, OWASP 2013-A1, OWASP 2017-A1
Low