Description
Oracle 9i Application Server (9iAS) installs multiple sample pages that allow remote attackers to obtain environment variables and other sensitive information via (1) info.jsp, (2) printenv, (3) echo, or (4) echo2.
Remediation
References
Related Vulnerabilities
Magento Insufficient Session Expiration Vulnerability (CVE-2021-21032)
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-5241)
WordPress 4.0.x Denial of Service Vulnerability (4.0 - 4.0.22)
WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.6)
WordPress Plugin Flow-Flow Social Stream Unspecified Vulnerability (3.0.71)