Description

Unspecified vulnerability in the Oracle Reports Developer component of Oracle Application Server 9.0.4.2 has unspecified impact and attack vectors, as identified by Oracle Vuln# REP04. NOTE: Oracle has not disputed reliable researcher claims that this issue is related to directory traversal that allows reading of portions of arbitrary XML files via the customize parameter.

Remediation

References

CVE-2006-0275

Related Vulnerabilities

WordPress Plugin UnGallery 'search' Parameter Remote Arbitrary Command Execution (2.1.5)

WordPress Plugin ExS Widgets Local File Inclusion (0.3.1)

MySQL CVE-2022-21600 Vulnerability (CVE-2022-21600)

PostgreSQL Improper Access Control Vulnerability (CVE-2019-10130)

WordPress Plugin EU Cookie Law for GDPR/CCPA Cross-Site Scripting (3.1.6)

Severity

Medium

Classification

CVE-2006-0275

Tags

Missing Update Known Vulnerabilities