Description
The default configuration of the PL/SQL Gateway web administration interface in Oracle 9i Application Server 1.0.2.x uses null authentication, which allows remote attackers to gain privileges and modify DAD settings.
Remediation
References
Related Vulnerabilities
Drupal Files or Directories Accessible to External Parties Vulnerability (CVE-2017-6922)
WordPress Plugin Minimal Coming Soon & Maintenance Mode-Coming Soon Page Security Bypass (1.87)
WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease SQL Injection (4.6.1)
Oracle JRE CVE-2022-21305 Vulnerability (CVE-2022-21305)
WordPress Plugin WordPress Infinite Scroll-Ajax Load More Unspecified Vulnerability (2.11.0)