CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2002-0564

Malware in sbrugna...

7.5CVSS6.4AI score0.02177EPSS

Exploits0References7

OpenVAS•added 2005/11/03 12:0 a.m.•38 views

Oracle XSQL Stylesheet Vulnerability

The Oracle XSQL Servlet allows arbitrary Java code to be executed by an attacker by supplying the URL of a malicious XSLT stylesheet when making a request to an XSQL page. OpenVAS Vulnerability Test $Id: oraclexsql.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: Oracle XSQL Stylesheet...

7.5CVSS0.7AI score0.00828EPSS

Exploits0

Cvelist•added 2003/04/02 5:0 a.m.•21 views

CVE-2002-0569

Oracle 9i Application Server allows remote attackers to bypass access restrictions for configuration files via a direct request to the XSQL Servlet XSQLServlet...

9.1AI score0.02177EPSS

Exploits0References6

CVE•added 2003/04/02 5:0 a.m.•53 views

CVE-2002-0569

CVE-2002-0569 affects Oracle 9i Application Server via the XSQLServlet, enabling remote authentication bypass to access configuration files. The core issue is bypassing access restrictions on configuration files through direct requests to XSQLServlet, leading to potential exposure of sensitive fi...

7.5CVSS9.1AI score0.02177EPSS

Exploits0References6Affected Software1

NVD•added 2002/07/03 4:0 a.m.•18 views

CVE-2002-0569

Oracle 9i Application Server allows remote attackers to bypass access restrictions for configuration files via a direct request to the XSQL Servlet XSQLServlet...

7.5CVSS6.4AI score0.02177EPSS

Exploits0References6

CERT•added 2002/03/06 12:0 a.m.•26 views

Oracle 9iAS XSQL Servlet ignores file permissions allowing arbitrary users to view sensitive configuration files

Overview It is possible to read the sensitive configuration files from an Oracle 9i Application Server without any authorization. This can lead to an intruder gaining access to sensitive information about the server and potentially compromising it. Description Default installation of the Oracle 9...

7.5CVSS9AI score0.02177EPSS

Exploits0References1

Cvelist•added 2001/05/07 4:0 a.m.•18 views

CVE-2001-0126

Oracle XSQL servlet 1.0.3.0 and earlier allows remote attackers to execute arbitrary Java code by redirecting the XSQL server to another source via the xml-stylesheet parameter in the xslt stylesheet...

7.3AI score0.00828EPSS

Exploits0References3

NVD•added 2001/03/12 5:0 a.m.•18 views

CVE-2001-0126

7.5CVSS7.3AI score0.00828EPSS

Exploits0References3

Tenable Nessus•added 2001/01/22 12:0 a.m.•55 views

Oracle Application Server XSQL Stylesheet Arbitrary Java Code Execution

The Oracle XSQL Servlet allows arbitrary Java code to be executed by an attacker by supplying the URL of a malicious XSLT stylesheet when making a request to an XSQL page. %NASLMINLEVEL 70300 This script was written by Matt Moore See the Nessus Scripts License for details Changes by Tenable: -...

7.5CVSS5.7AI score0.00828EPSS

Exploits0References1

securityvulns•added 2001/01/10 12:0 a.m.•28 views

Oracle XSQL servlet and xml-stylesheet allow executing java on the web server

Georgi Guninski security advisory 34, 2001 Oracle XSQL servlet and xml-stylesheet allow executing java on the web server Systems affected: Oracle XSQL servlet, installed by default Oracle 8.1.7 Windows 2000installation, probably other versions/platforms are affected because the servlet is written...

0.2AI score

Exploits0

securityvulns•added 2001/01/10 12:0 a.m.•23 views

Дырка в Oracle XSQL servlet

Имеется возможность выполнить .xsl-файл в контексте сервера. Это дает возможность выполнить любой java-код...

0.8AI score

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by