Description

SQL injection vulnerability in the query.xsql sample page in Oracle 9i Application Server (9iAS) allows remote attackers to execute arbitrary code via the sql parameter.

Remediation

References

CVE-2002-1631

Related Vulnerabilities

IBM WebSEAL Other Vulnerability (CVE-2023-30997)

Microsoft SQL Server CVE-2023-21705 Vulnerability (CVE-2023-21705)

PHP Other Vulnerability (CVE-2007-3790)

WordPress Plugin IP Blacklist Cloud Arbitrary File Disclosure (3.42)

Drupal Core 8.9.x Arbitrary File Overwrite (8.9.0 - 8.9.12)

Severity

High

Classification

CVE-2002-1631

Tags

Missing Update Known Vulnerabilities