Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle scripting vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2007-2119
Cross-site scripting (XSS) vulnerability in boundary_rules.jsp in the Administration Front End for Oracle Enterprise (Ultra) Search, as used in Database Server 9.2.0.8, 10.1.0.5, and 10.2.0.2, and in Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2.0 allows remote malicious u...
Oracle Application Server 10.1.2.0.2
Oracle Database Server 9.2.0.8
Oracle Database Server 10.1.0.5
Oracle Database Server 10.2.0.2
Oracle Application Server 10.1.2.2
Oracle Application Server 9.0.4.3
6.8
CVSSv2
CVE-2006-6703
Multiple cross-site scripting (XSS) vulnerabilities in Oracle Portal 9i and 10g allow remote malicious users to inject arbitrary JavaScript via the tc parameter in webapp/jsp/container_tabs.jsp, and other unspecified vectors.
Oracle Oracle10g
Oracle Oracle9i
1 EDB exploit
6.8
CVSSv2
CVE-2005-3202
Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTML DB (HTMLDB) 1.3 up to and including 1.3.6 allow remote malicious users to inject arbitrary web script or HTML, and subsequently execute SQL statements via the (1) p or (2) p_t02 parameters.
Oracle Html Db 1.3.6
Oracle Html Db 1.3
2 EDB exploits
6.8
CVSSv2
CVE-2005-1747
Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 8.1 through Service Pack 4, and 7.0 through Service Pack 6, allow remote malicious users to inject arbitrary web script or HTML, and possibly gain administrative privileges, via the (1) j_usern...
Oracle Weblogic Portal 8.0
Bea Weblogic Server 6.0
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0.0.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
6.8
CVSSv2
CVE-2005-1381
Multiple cross-site scripting (XSS) vulnerabilities in Oracle Webcache 9i allow remote malicious users to inject arbitrary web script or HTML via the (1) cache_dump_file or (2) PartialPageErrorPage parameter.
Oracle Application Server Web Cache
2 EDB exploits
6.8
CVSSv2
CVE-2004-2115
Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTTP Server 1.3.22, based on Apache, allow remote malicious users to execute arbitrary script as other users via the (1) action, (2) username, or (3) password parameters in an isqlplus request.
Oracle Http Server 8.1.7
Oracle Http Server 9.0.1
Oracle Http Server 9.2.0
1 EDB exploit
6.8
CVSSv2
CVE-2002-0840
Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 prior to 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote malicious users to execute script as other web page visitors v...
Apache Http Server 2.0.42
Oracle Application Server 9.0.2.1
Apache Http Server 1.3.23
Oracle Oracle9i 9.0.1
Oracle Oracle9i 9.0.2
Oracle Oracle8i 8.1.7 .0.0 Enterprise
Oracle Database Server 8.1.7
Apache Http Server 2.0.35
Apache Http Server 2.0.37
Apache Http Server 1.3.1
Apache Http Server 1.3.25
Oracle Oracle9i 9.0
Apache Http Server 1.3.19
Oracle Database Server 9.2.1
Apache Http Server 2.0.39
Apache Http Server 1.3.24
Oracle Application Server 9.0.2
Apache Http Server 1.3.20
Apache Http Server 1.3.6
Apache Http Server 2.0.41
Oracle Oracle8i 8.1.7.1
Oracle Oracle8i 8.1.7
1 EDB exploit
6.8
CVSSv2
CVE-2002-1640
Multiple cross-site scripting (XSS) vulnerabilities in Oracle Configurator prior to 11.5.7.17.32 and 11.5.6.16.53 allows remote malicious users to inject arbitrary web script or HTML via (1) Text Features in the DHTML UI or (2) the test parameter to the oracle.apps.cz.servlet.UiS...
Oracle Configurator
Oracle Configurator 11i
6.5
CVSSv2
CVE-2021-32626
Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result with heap corruption and pote...
Redis Redis
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Netapp Management Services For Element Software -
Netapp Management Services For Netapp Hci -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Oracle Communications Operations Monitor 4.3
Oracle Communications Operations Monitor 4.4
Oracle Communications Operations Monitor 5.0
6.5
CVSSv2
CVE-2020-9402
Django 1.11 prior to 1.11.29, 2.2 prior to 2.2.11, and 3.0 prior to 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it was p...
Djangoproject Django
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Netapp Steelstore Cloud Integrated Storage -
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 16.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »