Description
PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to bypass authentication for a Database Access Descriptor (DAD) by modifying the URL to reference an alternate DAD that already has valid credentials.
Remediation
References
Related Vulnerabilities
WordPress Plugin Jammer Cross-Site Scripting (0.2)
WordPress Plugin WP Learn Manager Security Bypass (1.1.4)
WordPress Plugin Mobile blocks Security Bypass (1.0)
PHP NULL Pointer Dereference Vulnerability (CVE-2016-10162)
Lodash Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-1010266)