Description

Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConfig.xml or (2) soapConfig.xml through a virtual directory.

Remediation

References

CVE-2002-0568

Related Vulnerabilities

WordPress Plugin Simple Image Sizes Unspecified Vulnerability (2.2.4)

WordPress Plugin Customer Reviews for WooCommerce Local File Inclusion (5.15.0)

WordPress Plugin Video Lessons Manager-Video Lessons LMS for eLearning Site Cross-Site Scripting (3.5.8)

WordPress Plugin Photo Gallery by Supsystic Multiple Vulnerabilities (1.8.5)

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-31805)

Severity

Low

Classification

CVE-2002-0568

Tags

Missing Update Known Vulnerabilities