Description

ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script.

Remediation

References

CVE-2004-1368

Related Vulnerabilities

PHP Integer Overflow or Wraparound Vulnerability (CVE-2019-11039)

MediaWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-39193)

WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions Multiple Cross-Site Scripting Vulnerabilities (1.8.4.2)

Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-34257)

jQuery Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18405)

Severity

High

Classification

CVE-2004-1368

Tags

Missing Update Known Vulnerabilities