Description
Directory traversal vulnerability in Oracle JSP 1.0.x through 1.1.1 and Oracle 8.1.7 iAS Release 1.0.2 can allow a remote attacker to read or execute arbitrary .jsp files via a '..' (dot dot) attack.
Remediation
References
Related Vulnerabilities
Apache Tomcat Credentials Management Errors Vulnerability (CVE-2009-3548)
Oracle Application Server CVE-2006-0287 Vulnerability (CVE-2006-0287)
Sqlite Improper Input Validation Vulnerability (CVE-2017-13685)
Python Uncontrolled Resource Consumption Vulnerability (CVE-2020-8492)
WordPress Plugin vSlider Multi Image Slider for WordPress Arbitrary File Upload (4.1.2)