Description
netinfiltration reported various high severity vulnerabilities (and exploits) affecting Oracle Reports. These vulnerabilities allow an attacker to dump the database passwords, view folder contents, download files, load a phishing page in the browser and even gain a remote shell.
Remediation
Currently, Oracle didn't provided any fix for these vulnerabilities.
References
Related Vulnerabilities
WordPress Plugin Five Star Restaurant Menu-WordPress Ordering Remote Code Execution (2.2.0)
Drupal Remote Code Execution (SA-CORE-2018-002)
GhostScript RCE (Remote Code Execution)
TinyMCE ajax_create_folder remote code execution vulnerability
WordPress Plugin Woody ad snippets-Insert Header Footer Code, AdSense Ads PHP Code Injection (1.3)