Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle application server 1.0.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2002-2347
Cross-site scripting (XSS) vulnerability in Oracle Java Server Page (OJSP) demo files (1) hellouser.jsp, (2) welcomeuser.jsp and (3) usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.1s and 1.0.2 allows remote malicious users to inject arbitrary web script or HTML...
Oracle Application Server 1.0.2.1s
Oracle Application Server 9.0.2
Oracle Application Server 1.0.2.2
Oracle Application Server 1.0.2
NA
CVE-2002-1630
The sendmail.jsp sample page in Oracle 9i Application Server (9iAS) allows remote malicious users to send arbitrary emails.
Oracle Application Server 9.0.2.0.0
Oracle Application Server 9.0.2.0.1
Oracle Application Server 1.0.2.1s
Oracle Application Server 1.0.2.2
Oracle Application Server 1.0.2
NA
CVE-2002-1631
SQL injection vulnerability in the query.xsql sample page in Oracle 9i Application Server (9iAS) allows remote malicious users to execute arbitrary code via the sql parameter.
Oracle Application Server 9.0.2.0.0
Oracle Application Server 9.0.2.0.1
Oracle Application Server 1.0.2.1s
Oracle Application Server 1.0.2.2
Oracle Application Server 1.0.2
NA
CVE-2002-1632
Oracle 9i Application Server (9iAS) installs multiple sample pages that allow remote malicious users to obtain environment variables and other sensitive information via (1) info.jsp, (2) printenv, (3) echo, or (4) echo2.
Oracle Application Server 9.0.2.0.0
Oracle Application Server 9.0.2.0.1
Oracle Application Server 1.0.2.1s
Oracle Application Server 1.0.2.2
Oracle Application Server 1.0.2
NA
CVE-2001-0591
Directory traversal vulnerability in Oracle JSP 1.0.x up to and including 1.1.1 and Oracle 8.1.7 iAS Release 1.0.2 can allow a remote malicious user to read or execute arbitrary .jsp files via a '..' (dot dot) attack.
Oracle Jsp
Oracle Application Server 1.0.2
NA
CVE-2001-1372
Oracle 9i Application Server 1.0.2 allows remote malicious users to obtain the physical path of a file under the server root via a request for a non-existent .JSP file, which leaks the pathname in an error message.
Oracle Application Server 1.0.2
NA
CVE-2002-0569
Oracle 9i Application Server allows remote malicious users to bypass access restrictions for configuration files via a direct request to the XSQL Servlet (XSQLServlet).
Oracle Application Server 1.0.2
NA
CVE-2001-1371
The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymous users to deploy applications by default via urn:soap-service-manager and urn:soap-provider-manager.
Oracle Application Server 1.0.2
NA
CVE-2001-1217
Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote malicious users to access sensitive information via a double encoded URL with .. (dot dot) sequences.
Oracle Application Server 1.0.2
NA
CVE-2001-1216
Buffer overflow in PL/SQL Apache module in Oracle 9i Application Server allows remote malicious users to execute arbitrary code via a long request for a help page.
Oracle Application Server 1.0.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »