Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle application server 1.0.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-2347
Cross-site scripting (XSS) vulnerability in Oracle Java Server Page (OJSP) demo files (1) hellouser.jsp, (2) welcomeuser.jsp and (3) usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.1s and 1.0.2 allows remote malicious users to inject arbitrary web script or HTML...
Oracle Application Server 1.0.2
Oracle Application Server 1.0.2.1s
Oracle Application Server 1.0.2.2
Oracle Application Server 9.0.2
NA
CVE-2002-1630
The sendmail.jsp sample page in Oracle 9i Application Server (9iAS) allows remote malicious users to send arbitrary emails.
Oracle Application Server 1.0.2.2
Oracle Application Server 9.0.2.0.0
Oracle Application Server 1.0.2
Oracle Application Server 1.0.2.1s
Oracle Application Server 9.0.2.0.1
NA
CVE-2002-1631
SQL injection vulnerability in the query.xsql sample page in Oracle 9i Application Server (9iAS) allows remote malicious users to execute arbitrary code via the sql parameter.
Oracle Application Server 9.0.2.0.0
Oracle Application Server 1.0.2
Oracle Application Server 1.0.2.1s
Oracle Application Server 1.0.2.2
Oracle Application Server 9.0.2.0.1
NA
CVE-2002-1632
Oracle 9i Application Server (9iAS) installs multiple sample pages that allow remote malicious users to obtain environment variables and other sensitive information via (1) info.jsp, (2) printenv, (3) echo, or (4) echo2.
Oracle Application Server 1.0.2.1s
Oracle Application Server 1.0.2.2
Oracle Application Server 1.0.2
Oracle Application Server 9.0.2.0.0
Oracle Application Server 9.0.2.0.1
NA
CVE-2001-1217
Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote malicious users to access sensitive information via a double encoded URL with .. (dot dot) sequences.
Oracle Application Server 1.0.2
NA
CVE-2002-0569
Oracle 9i Application Server allows remote malicious users to bypass access restrictions for configuration files via a direct request to the XSQL Servlet (XSQLServlet).
Oracle Application Server 1.0.2
NA
CVE-2002-1636
Cross-site scripting (XSS) vulnerability in the htp PL/SQL package for Oracle 9i Application Server (9iAS) allows remote malicious users to inject arbitrary web script or HTML via the cbuf parameter to htp.print.
Oracle Application Server 1.0.2
NA
CVE-2001-1371
The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymous users to deploy applications by default via urn:soap-service-manager and urn:soap-provider-manager.
Oracle Application Server 1.0.2
NA
CVE-2001-1372
Oracle 9i Application Server 1.0.2 allows remote malicious users to obtain the physical path of a file under the server root via a request for a non-existent .JSP file, which leaks the pathname in an error message.
Oracle Application Server 1.0.2
NA
CVE-2001-1216
Buffer overflow in PL/SQL Apache module in Oracle 9i Application Server allows remote malicious users to execute arbitrary code via a long request for a help page.
Oracle Application Server 1.0.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »