Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in the Portal DB (1) List of Values (LOVs), (2) Forms, (3) Hierarchy, and (4) XML components packages in Oracle Oracle9i Application Server 9.0.2.00 through 3.0.9.8.5 allow remote attackers to execute arbitrary SQL commands via the URL.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Oracle9iAS Portal组件SQL注入漏洞
Vulnerability Description
Oracle's RDBMS是一款强大的数据库服务程序,支持通过使用PL/SQL存储过程,这些存储过程可以通过Oracle应用服务程序Portal模块访问。Oralce应用服务程序是设计用于Oracle应用的WEB服务程序。 Oralce应用服务程序的多个PL/SQL包和过程存在SQL注入问题,远程攻击者可以利用这个漏洞未授权获得数据库中所有数据。 默认情况下,Oracle应用服务程序允许WEB上的未授权用户访问存储在RDBMS中的PL/SQL包和过程,当PL/SQL过程的执行没有考虑是调用者或是定义者的
CVSS Information
N/A
Vulnerability Type
N/A