CVE-2000-1236 | Vulnerability Database | Aqua Security

SQL injection vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the query string of the URL.

Affected Software

Name	Vendor	Start Version	End Version
Application_server	Oracle	*	3.0.7 (including)

References

http://archives.neohapsis.com/archives/bugtraq/2000-12/0339.html
http://archives.neohapsis.com/archives/bugtraq/2000-12/0372.html
http://archives.neohapsis.com/archives/bugtraq/2000-12/0463.html
http://online.securityfocus.com/archive/1/155881
http://www.iss.net/security_center/static/5817.php
http://www.securityfocus.com/bid/2150
http://archives.neohapsis.com/archives/bugtraq/2000-12/0339.html
http://archives.neohapsis.com/archives/bugtraq/2000-12/0372.html
http://archives.neohapsis.com/archives/bugtraq/2000-12/0463.html
http://online.securityfocus.com/archive/1/155881
http://www.iss.net/security_center/static/5817.php
http://www.securityfocus.com/bid/2150

NVD	https://nvd.nist.gov/vuln/detail/CVE-2000-1236
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html