3 matches found
VulnCheck KEV: CVE-2020-9314
PRODUCT NOT SUPPORTED WHEN ASSIGNED Oracle iPlanet Web Server 7.0.x allows image injection in the Administration console via the productNameSrc parameter to an admingui URI. This issue exists because of an incomplete fix for CVE-2012-0516. NOTE: a related support policy can be found in the...
The vulnerability of Oracle iPlanet web server, which exists due to the failure to take measures to eliminate special elements, allows attackers to inject images into the administration console.
The vulnerability of Oracle iPlanet web servers exists due to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a malicious actor to inject images into the administration console through the productNameSrc parameter in the URI admingui...
Oracle iPlanet Web Server Injection Vulnerability (CNVD-2020-52059 )
Oracle iPlanet Web Server OiWS is an American Oracle Oracle company's Web server mainly for medium-sized and large business applications. Oracle iPlanet Web Server injection vulnerability. An attacker can exploit this vulnerability with the help of the 'productNameSrc' parameter to perform a...