Description
Directory traversal vulnerability in Oracle JSP 1.0.x through 1.1.1 and Oracle 8.1.7 iAS Release 1.0.2 can allow a remote attacker to read or execute arbitrary .jsp files via a '..' (dot dot) attack.
Remediation
References
Related Vulnerabilities
MySQL CVE-2019-3009 Vulnerability (CVE-2019-3009)
PHP Improper Input Validation Vulnerability (CVE-2011-4153)
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.1)
Joomla! Core 1.6.x Multiple Cross-Site Scripting Vulnerabilities (1.6.0 - 1.6.3)
Oracle Database Server CVE-2007-5515 Vulnerability (CVE-2007-5515)