Description

SQL injection vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the query string of the URL.

Remediation

References

CVE-2000-1236

Related Vulnerabilities

Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1154)

Nexus Repository Manager Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16619)

WordPress CVE-2012-2400 Vulnerability (CVE-2012-2400)

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-3727)

phpBB URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-3880)

Severity

High

Classification

CVE-2000-1236

Tags

Missing Update Known Vulnerabilities