Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

alexander kornbrust vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2005-1381
Multiple cross-site scripting (XSS) vulnerabilities in Oracle Webcache 9i allow remote malicious users to inject arbitrary web script or HTML via the (1) cache_dump_file or (2) PartialPageErrorPage parameter.
Oracle Application Server Web Cache
NA
CVE-2005-3206
iSQL*Plus (isqlplus) for Oracle9i Database Server Release 2 9.0.2.4 allows remote malicious users to cause a denial of service (TNS listener stop) via an HTTP request with an sid parameter that contains a STOP command.
Oracle Database Server 9.0.2.4
NA
CVE-2005-3207
The forms servlet (f90servlet) in Oracle Forms 4.5.10.22 allows remote malicious users to cause a denial of service (TNS listener stop) via a userid parameter that contains a STOP command.
Oracle Forms 6.0.8.25Oracle Forms 6iOracle Forms 9iOracle Forms 10gOracle Forms 4.5.10.22Oracle Forms 5.0
NA
CVE-2005-1380
Cross-site scripting (XSS) vulnerability in BEA Admin Console 8.1 allows remote malicious users to execute arbitrary web script or HTML via the server parameter to a JndiFramesetAction action.
Bea Weblogic Server 8.1
NA
CVE-2005-1382
The webcacheadmin module in Oracle Webcache 9i allows remote malicious users to corrupt arbitrary files via a full pathname in the cache_dump_file parameter.
Oracle Application Server Web Cache
NA
CVE-2005-1383
The OHS component 1.0.2 up to and including 10.x, when UseWebcacheIP is disabled, in Oracle Application Server allows remote malicious users to bypass HTTP Server mod_access restrictions via a request to the webcache TCP port 7778.
Oracle Application Server 10.1.0.2Oracle Application Server 10.1.0.3Oracle Application Server 10.1.0.3.1Oracle Application Server 10.1.2
NA
CVE-2005-3204
Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows remote malicious users to inject arbitrary web script or HTML via the query string in an HTTP request.
Oracle Application Server 9.0.2.3Oracle Application Server 9.0.3Oracle Oracle9i Enterprise 9.0.1.4Oracle Oracle9i Enterprise 9.0.1.5Oracle Oracle9i Enterprise 9.0.1.5 FipsOracle Oracle9i Enterprise 9.2.0.5Oracle Oracle9i Enterprise 9.2.0.6Oracle Oracle9i Personal 9.2.0.1Oracle Oracle9i Personal 9.2.0.2Oracle Oracle9i Standard 9.0.1.2Oracle Oracle9i Standard 9.0.1.3Oracle Oracle9i Standard 9.0.1.4Oracle Application Server 9.0.2.1Oracle Application Server 9.0.2.2Oracle Oracle9i Developer 9.0.4Oracle Oracle9i Enterprise 9.0.1Oracle Oracle9i Enterprise 9.2.0.3Oracle Oracle9i Enterprise 9.2.0.4Oracle Oracle9i Personal 9.0.4Oracle Oracle9i Personal 9.2Oracle Oracle9i Standard 9.0Oracle Oracle9i Standard 9.0.1
NA
CVE-2004-0637
Oracle Database Server 8.1.7.4 up to and including 9.2.0.4 allows local users to execute commands with additional privileges via the ctxsys.driload package, which is publicly accessible.
Oracle Oracle9i Standard 9.0.1.3Oracle Oracle8i Enterprise 8.1.7 .4Oracle Oracle8i Standard 8.1.7 .4Oracle Oracle9i Enterprise 9.2.0.4Oracle Oracle9i Personal 9.2.0.4Oracle Oracle9i Standard 9.2.0.4
NA
CVE-2009-0981
Unspecified vulnerability in the Application Express component in Oracle Database 11.1.0.7 allows remote authenticated users to affect confidentiality, related to APEX. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable resea...
Oracle Database 11g 11.1.0.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581reflected XSSCVE-2024-26925CVE-2024-27956LFICVE-2024-3607CVE-2024-3107CVE-2024-3295SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook