Description

SQL injection vulnerability in the query.xsql sample page in Oracle 9i Application Server (9iAS) allows remote attackers to execute arbitrary code via the sql parameter.

Remediation

References

CVE-2002-1631

Related Vulnerabilities

ReviveAdserver Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-9407)

MySQL CVE-2021-35624 Vulnerability (CVE-2021-35624)

WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Multiple SQL Injection Vulnerabilities (4.4.3)

WordPress Plugin Visual Email Designer for WooCommerce SQL Injection (1.7.1)

PrestaShop Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-19126)

Severity

High

Classification

CVE-2002-1631

Tags

Missing Update Known Vulnerabilities