Description
The default configuration of the PL/SQL Gateway web administration interface in Oracle 9i Application Server 1.0.2.x uses null authentication, which allows remote attackers to gain privileges and modify DAD settings.
Remediation
References
Related Vulnerabilities
WordPress Plugin Ultimate Membership Pro SQL Injection (6.4)
Oracle Database Server CVE-2006-5332 Vulnerability (CVE-2006-5332)
WordPress Plugin Survey Maker-Best WordPress Survey SQL Injection (3.1.1)
WordPress Plugin Mailtree Log Mail Cross-Site Scripting (1.0.0)
MediaWiki Incorrect Default Permissions Vulnerability (CVE-2017-0369)