Description
ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script.
Remediation
References
Related Vulnerabilities
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4309)
WordPress Plugin WP Safe Search 'v1' Parameter Cross-Site Scripting (0.7)
WordPress Plugin Monarch Social Sharing Security Bypass (1.2.6)
WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease SQL Injection (4.1.3)