Description

Batch files in the Oracle web listener ows-bin directory allow remote attackers to execute commands via a malformed URL that includes '?&'.

Remediation

References

CVE-2000-0169

Related Vulnerabilities

WordPress Plugin Highlight Cross-Site Scripting (0.9.2)

ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-5832)

MediaWiki Resource Management Errors Vulnerability (CVE-2015-2936)

WordPress Plugin Business Directory-Easy Listing Directories for WordPress PHP Object Injection (4.1.14)

WordPress Plugin Live Comment Preview Cross-Site Scripting (2.0.2)

Severity

High

Classification

CVE-2000-0169

Tags

Missing Update Known Vulnerabilities