Description

rwcgi60 CGI program in Oracle Reports Server, by design, provides sensitive information such as the full pathname, which could enable remote attackers to use the information in additional attacks.

Remediation

References

CVE-2002-1089

Related Vulnerabilities

WordPress Plugin SS Quiz Multiple Unspecified Vulnerabilities (1.12)

WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (2.1.22)

WordPress Plugin Google Forms Server-Side Request Forgery (0.91)

WordPress Plugin WP Construction Mode Cross-Site Request Forgery (1.8)

WordPress Plugin Custom Menu Cross-Site Scripting (1.3.3)

Severity

Medium

Classification

CVE-2002-1089

Tags

Missing Update Known Vulnerabilities