Oracle 9iAS mod_plsql directory traversal

In a default installation of Oracle 9iAS, it is possible to use the modplsql module to perform a directory traversal attack. OpenVAS Vulnerability Test $Id: oracle9imodplsqltraversal.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: Oracle 9iAS modplsql directory traversal Authors: Matt Moore...

Oracle 9iAS PORTAL_DEMO ORG_CHART

In your installation of Oracle 9iAS, it is possible to access a demo PORTALDEMO.ORGCHART via modplsql. Access to these pages should be restricted, because it may be possible to abuse this demo for SQL Injection attacks. OpenVAS Vulnerability Test $Id: oracle9iportaldemoorgchart.nasl 8023 2017-12-...

Oracle 9iAS mod_plsql cross site scripting

The modplsql module supplied with Oracle9iAS allows cross site scripting attacks to be performed. OpenVAS Vulnerability Test $Id: oracle9imodplsqlcss.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: Oracle 9iAS modplsql cross site scripting Authors: Matt Moore Copyright: Copyright C 2002 Matt...

Oracle 9iAS mod_plsql Buffer Overflow

Oracle 9i Application Server uses Apache as it's web server. There is a buffer overflow in the modplsql module which allows an attacker to run arbitrary code. OpenVAS Vulnerability Test $Id: oracle9imodplsqloverflow.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: Oracle 9iAS modplsql Buffer...

Oracle 9i Application Server PORTAL_DEMO ORG_CHART Accessible - Active Check

In installations of Oracle 9i Application Server AS, it is possible to access a demo PORTALDEMO.ORGCHART via modplsql. Access to these pages should be restricted, because it may be possible to abuse this demo for SQL injection attacks. SPDX-FileCopyrightText: 2003 Frank Berger Some text...

Oracle 9i Application Server mod_plsql Directory Traversal Vulnerability - Active Check

In a default installation of Oracle 9i Application Server AS, it is possible to use the modplsql module to perform a directory traversal attack. SPDX-FileCopyrightText: 2002 Matt Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

Oracle 9i Application Server DAD Admin Interface Accessible - Active Check

In a default installation of Oracle 9i Application Server AS, it is possible to access the modplsql DAD Admin interface. Access to these pages should be restricted. SPDX-FileCopyrightText: 2002 Matt Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...

Oracle 9iAS DAD Admin interface

In a default installation of Oracle 9iAS, it is possible to access the modplsql DAD Admin interface. Access to these pages should be restricted. OpenVAS Vulnerability Test $Id: oracle9idadadmin.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: Oracle 9iAS DAD Admin interface Authors: Matt Moor...

Oracle 9i Application Server mod_plsql XSS Vulnerability - Active Check

The modplsql module supplied with Oracle 9i Application Server AS allows cross-site scripting XSS attacks to be performed. SPDX-FileCopyrightText: 2002 Matt Moore Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

mod_plsql crossite scripting

Crossite scripting in isqlplus...

Oracle 9iAS mod_plsql Encoded Traversal Arbitrary File Access

In a default installation of Oracle 9iAS, it is possible to use the modplsql module to perform a directory traversal attack. This allows attackers to read arbitrary files on the server. %NASLMINLEVEL 70300 This script was written by Matt Moore See the Nessus Scripts License for details Changes by...

Oracle 9iAS mod_plsql Multiple Procedures XSS

The modplsql module supplied with Oracle9iAS allows cross-site scripting attacks to be performed. %NASLMINLEVEL 70300 This script was written by Matt Moore See the Nessus Scripts License for details Changes by Tenable: - Revised plugin title, commented incorrect CVE/BID 5/21/09 - Revised plugin...

Oracle 9iAS mod_plsql DAD Admin Interface Access

In a default installation of Oracle 9iAS, it is possible to access the modplsql DAD Admin interface. Access to these pages should be restricted. %NASLMINLEVEL 70300 This script was written by Matt Moore Script audit and contributions from Carmichael Security Erik Anderson Added link to the Bugtra...

Oracle 9iAS mod_plsql Help Page Request Remote Overflow

Oracle 9i Application Server uses Apache as it's web server. There is a buffer overflow in the modplsql module which allows an attacker to run arbitrary code. %NASLMINLEVEL 70300 This script was written by Matt Moore Changes by Tenable: - Revised plugin title 6/10/09 - Replaced broken URLs, added...