Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2009-1977

🗓️ 14 Jul 2009 23:00:00Reported by oracleType 
cve
 cve🔗 web.nvd.nist.gov👁 75 Views🌐 WEB

Unspecified vulnerability in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
0day.today		Oracle Secure Backup Server 10.3.0.1.0 Auth Bypass/RCI Exploit
14 Sep 200900:00
zdt
Circl		CVE-2009-1977
14 Sep 200900:00
circl
Check Point Advisories		Oracle Secure Backup Administration Server Authentication Bypass (CVE-2009-1977)
27 Aug 200900:00
checkpoint_advisories
Cvelist		CVE-2009-1977
14 Jul 200923:00
cvelist
Dsquare		Oracle Secure Backup 10.3.0.1 RCE
27 Apr 201200:00
dsquare
Exploit DB		Oracle Secure Backup Server 10.3.0.1.0 - Authentication Bypass / Remote Code Injection
14 Sep 200900:00
exploitdb
exploitpack		Oracle Secure Backup Server 10.3.0.1.0 - Authentication Bypass Remote Code Injection
14 Sep 200900:00
exploitpack
Metasploit		Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability
16 Sep 200912:07
metasploit
NVD		CVE-2009-1977
14 Jul 200923:30
nvd
Oracle		09-07 CPU Advisory
14 Jul 200900:00
oracle
Rows per page
NVD
Node
oraclesecure_backupMatch10.2.0.3
ParameterPositionPathDescriptionCWE
buttonrequest body/login.phpAuthentication bypass via login.php using crafted postdata.
attemptrequest body/login.phpAuthentication bypass via login.php using crafted postdata.
moderequest body/login.phpAuthentication bypass via login.php using crafted postdata.
tabrequest body/login.phpAuthentication bypass via login.php using crafted postdata.
unamerequest body/login.phpAuthentication bypass via login.php using crafted postdata.
passwdrequest body/login.phpAuthentication bypass via login.php using crafted postdata.
typequery param/property_box.phpCommand injection via vollist parameter in property_box.php.
vollistquery param/property_box.phpCommand injection via vollist parameter in property_box.php.

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
16 Jun 2026 23:08Current
5.7Medium risk
Vulners AI Score5.7
CVSS 210
EPSS0.72638
cve-2009-1977oraclesecure backupvulnerabilityremote attackersconfidentialityintegrityavailabilitybypass authentication
75