Web App Vulnerabilities

1. Introduction Oracle 9iAS _pages Directory Compiled JSP Source Disclosure allows sensitive data to be read on a remote host....

1. Introduction The Oracle 9iAS DMS / JPM Pages Anonymous Access vulnerability allows sensitive resources within a default installation of...

1. Introduction Oracle 9iAS globals.jsa is a vulnerability where sensitive data may be disclosed on systems running Oracle 9i Application...

1. Introduction Oracle 9iAS iSQLplus is vulnerable to a cross-site scripting (XSS) attack on its login page, allowing attackers to...

1. Introduction The Oracle 9iAS Java Process Manager /oprocmgr-status Anonymous Processes vulnerability allows an attacker to list running Java processes...

1. Introduction Oracle 9iAS mod_plsql DAD Admin Interface Access allows access to sensitive resources due to a default configuration issue....

1. Introduction Oracle 9iAS Nonexistent .jsp File Request Error Message Path Disclosure allows remote attackers to discover the physical path...

1. Introduction The Oracle 9iAS PL/SQL Gateway Web Admin Interface Null Authentication vulnerability affects applications using Oracle 9i Application Server....

1. Introduction The Oracle 9iAS soapdocs Directory Remote Information Disclosure vulnerability allows unauthenticated users to access documentation files for the...

1. Introduction The Oracle 9iAS XSQLServlet soapConfig.xml Authentication Credentials vulnerability allows unauthenticated access to configuration files on a default installation....