Description

SQL injection vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the query string of the URL.

Remediation

References

CVE-2000-1236

Related Vulnerabilities

MySQL CVE-2019-2826 Vulnerability (CVE-2019-2826)

SharePoint Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-1450)

ProjectSend Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-11378)

Caddy Web Server URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2022-29718)

WordPress Plugin WP SlackSync Information Disclosure (1.8.5)

Severity

High

Classification

CVE-2000-1236

Tags

Missing Update Known Vulnerabilities