Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
OracleApplication Server

4 matches found

CVE
CVEadded 2003/04/02 5:0 a.m.283 views

CVE-2001-1371

The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymous users to deploy applications by default via urn:soap-service-manager and urn:soap-provider-manager.

7.5CVSS9AI score0.04432EPSS
CVE
CVEadded 2003/04/02 5:0 a.m.105 views

CVE-2001-1372

Oracle 9i Application Server 1.0.2 allows remote attackers to obtain the physical path of a file under the server root via a request for a non-existent .JSP file, which leaks the pathname in an error message.

5CVSS8.8AI score0.0821EPSS
CVE
CVEadded 2003/04/02 5:0 a.m.44 views

CVE-2002-0569

Oracle 9i Application Server allows remote attackers to bypass access restrictions for configuration files via a direct request to the XSQL Servlet (XSQLServlet).

7.5CVSS9.1AI score0.02177EPSS
CVE
CVEadded 2003/04/02 5:0 a.m.42 views

CVE-2002-0947

Buffer overflow in rwcgi60 CGI program for Oracle Reports Server 6.0.8.18.0 and earlier, as used in Oracle9iAS and other products, allows remote attackers to execute arbitrary code via a long database name parameter.

7.5CVSS9.6AI score0.08591EPSS