Description

SQL injection vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the query string of the URL.

Remediation

References

CVE-2000-1236

Related Vulnerabilities

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-4301)

MODX Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-8773)

WordPress Plugin Sitemap Index Cross-Site Scripting (1.2.3)

WordPress Plugin SEO Redirection-301 Redirect Manager SQL Injection (3.5)

phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-5501)

Severity

High

Classification

CVE-2000-1236

Tags

Missing Update Known Vulnerabilities