Vulnerabilities > Oracle > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2000-12-31 | CVE-2000-1236 | Unspecified vulnerability in Oracle Application Server SQL injection vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the query string of the URL. | 7.5 |
2000-12-19 | CVE-2000-0981 | Unspecified vulnerability in Oracle Mysql MySQL Database Engine uses a weak authentication method which leaks information that could be used by a remote attacker to recover the password. | 7.2 |
2000-03-15 | CVE-2000-0169 | Unspecified vulnerability in Oracle Application Server 4.0 Batch files in the Oracle web listener ows-bin directory allow remote attackers to execute commands via a malformed URL that includes '?&'. | 7.5 |
2000-02-08 | CVE-2000-0148 | Unspecified vulnerability in Oracle Mysql MySQL 3.22 allows remote attackers to bypass password authentication and access a database via a short check string. | 7.5 |
1999-11-25 | CVE-1999-1547 | Improper Input Validation vulnerability in Oracle web Listener 2.1 Oracle Web Listener 2.1 allows remote attackers to bypass access restrictions by replacing a character in the URL with its HTTP-encoded (hex) equivalent. | 7.5 |