Description
Multiple components in Oracle 9i Application Server (9iAS) are installed with over 160 default usernames and passwords, including (1) SYS, (2) SYSTEM, (3) AQJAVA, (4) OWA, (5) IMAGEUSER, (6) USER1, (7) USER2, (8) PLSQL, (9) DEMO, (10) FINANCE, and many others, which allows attackers to gain privileges.
Remediation
References
Related Vulnerabilities
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery SQL Injection (1.3.50)
WordPress Plugin WP Silverlight Media Player Cross-Site Scripting (0.8)
Django Uncontrolled Resource Consumption Vulnerability (CVE-2023-24580)
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2010-2471)
WordPress Plugin Polldaddy Polls & Ratings Unspecified Vulnerability (2.0.25)