Lucene search
+L

5 matches found

Nuclei
Nuclei
added yesterday15 views

Oracle iPlanet Web Server 7.0.x - Image Injection

Oracle iPlanet Web Server 7.0.x allows image injection in the Administration console via the productNameSrc parameter to an admingui URI. This issue exists because of an incomplete fix for CVE-2012-0516. id: CVE-2020-9314 info: name: Oracle iPlanet Web Server 7.0.x - Image Injection author:...

7.5CVSS6.2AI score0.81814EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 5:35 p.m.9 views

CVE-2020-9314

PRODUCT NOT SUPPORTED WHEN ASSIGNED Oracle iPlanet Web Server 7.0.x allows image injection in the Administration console via the productNameSrc parameter to an admingui URI. This issue exists because of an incomplete fix for CVE-2012-0516. NOTE: a related support policy can be found in the...

6.8CVSS6.8AI score0.02912EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2020/05/11 8:19 p.m.89 views

Unpatched Bugs in Oracle iPlanet Open Door to Info-Disclosure, Injection

A pair of vulnerabilities in Oracle’s iPlanet Web Server have been disclosed that can lead to sensitive data exposure and image injections onto web pages if exploited. However, no patch is forthcoming for either flaw. The bugs CVE-2020-9315 and CVE-2020-9314 are specifically found in the web...

9.3CVSS6.9AI score0.81814EPSS
Exploits0References8
OSV
OSV
added 2020/05/10 11:15 p.m.4 views

CVE-2020-9314

PRODUCT NOT SUPPORTED WHEN ASSIGNED Oracle iPlanet Web Server 7.0.x allows image injection in the Administration console via the productNameSrc parameter to an admingui URI. This issue exists because of an incomplete fix for CVE-2012-0516. NOTE: a related support policy can be found in the...

4.8CVSS6.4AI score0.81814EPSS
Exploits0References4
CVE
CVE
added 2020/05/10 10:23 p.m.120 views

CVE-2020-9314

CVE-2020-9314 affects Oracle iPlanet Web Server 7.0.x. The issue is described as image injection in the Administration console via the productNameSrc parameter to an admingui URI, arising from an incomplete fix for CVE-2012-0516. It is part of a pair with CVE-2020-9315; while CVE-2020-9314 enable...

4.9CVSS5.4AI score0.01282EPSS
In wildExploits0References4Affected Software1
Rows per page
Query Builder