CPE-08789CF2-13AB-48B5-9E86-128519EC4222 Detail

CPE Details

Oracle Micros Lucas 2.9.5

Vendor

oracle

Product

micros_lucas

Version

2.9.5

Created

2021-01-27
12h34 +00:00

Modified

2021-01-27
12h34 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:oracle:micros_lucas:2.9.5:::::::*

Informations

Vendor

oracle

Product

micros_lucas

Version

2.9.5

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2018-11039	2018-06-25 15h00 +00:00	Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applications to change the HTTP request method to any HTTP method (including TRACE) using the HiddenHttpMethodFilter in Spring MVC. If an application has a pre-existing XSS vulnerability, a malicious user (or attacker) can use this filter to escalate to an XST (Cross Site Tracing) attack.	5.9	Medium
CVE-2018-11040	2018-06-25 15h00 +00:00	Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST controllers and MappingJackson2JsonView for browser requests. Both are not enabled by default in Spring Framework nor Spring Boot, however, when MappingJackson2JsonView is configured in an application, JSONP support is automatically ready to use through the "jsonp" and "callback" JSONP parameters, enabling cross-domain requests.	7.5	High
CVE-2018-1258	2018-05-11 20h00 +00:00	Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.	8.8	High
CVE-2017-12617	2017-10-03 15h00 +00:00	When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.	8.1	High

Oracle Micros Lucas 2.9.5

CPE Details

CPE Name: cpe:2.3:a:oracle:micros_lucas:2.9.5:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:oracle:micros_lucas:2.9.5:::::::*