Back
CVE-2000-1236
SQL injection vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the query string of the URL.
Published: Dec 31, 2000
Modified: Apr 16, 2026
CVSS Metrics
Affected Products (1)
| Vendor | Product | Version |
|---|---|---|
| oracle | application_server | * |
GitHub Security Advisory GHSA-jrxr-vw4j-prv8
SQL injection vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and...
References (12)
- http://archives.neohapsis.com/archives/bugtraq/2000-12/0339.html
- http://archives.neohapsis.com/archives/bugtraq/2000-12/0372.html
- http://archives.neohapsis.com/archives/bugtraq/2000-12/0463.html
- http://online.securityfocus.com/archive/1/155881
- http://www.iss.net/security_center/static/5817.php Patch
- http://www.securityfocus.com/bid/2150 Patch
- http://archives.neohapsis.com/archives/bugtraq/2000-12/0339.html
- http://archives.neohapsis.com/archives/bugtraq/2000-12/0372.html
- http://archives.neohapsis.com/archives/bugtraq/2000-12/0463.html
- http://online.securityfocus.com/archive/1/155881
- http://www.iss.net/security_center/static/5817.php Patch
- http://www.securityfocus.com/bid/2150 Patch
Risk Scores
CVSS Score
7.5 / 10
EPSS Score
0.97%
Top 23% most likely to be exploited
Threat Score
30.3 / 100
Data Sources
NVD
EPSS
GitHub