Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alexander kornbrust vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-1381
Multiple cross-site scripting (XSS) vulnerabilities in Oracle Webcache 9i allow remote malicious users to inject arbitrary web script or HTML via the (1) cache_dump_file or (2) PartialPageErrorPage parameter.
Oracle Application Server Web Cache
2 EDB exploits
NA
CVE-2005-3206
iSQL*Plus (isqlplus) for Oracle9i Database Server Release 2 9.0.2.4 allows remote malicious users to cause a denial of service (TNS listener stop) via an HTTP request with an sid parameter that contains a STOP command.
Oracle Database Server 9.0.2.4
1 EDB exploit
NA
CVE-2005-3207
The forms servlet (f90servlet) in Oracle Forms 4.5.10.22 allows remote malicious users to cause a denial of service (TNS listener stop) via a userid parameter that contains a STOP command.
Oracle Forms 6.0.8.25
Oracle Forms 6i
Oracle Forms 9i
Oracle Forms 10g
Oracle Forms 4.5.10.22
Oracle Forms 5.0
1 EDB exploit
NA
CVE-2005-1380
Cross-site scripting (XSS) vulnerability in BEA Admin Console 8.1 allows remote malicious users to execute arbitrary web script or HTML via the server parameter to a JndiFramesetAction action.
Bea Weblogic Server 8.1
1 EDB exploit
NA
CVE-2005-1382
The webcacheadmin module in Oracle Webcache 9i allows remote malicious users to corrupt arbitrary files via a full pathname in the cache_dump_file parameter.
Oracle Application Server Web Cache
1 EDB exploit
NA
CVE-2005-1383
The OHS component 1.0.2 up to and including 10.x, when UseWebcacheIP is disabled, in Oracle Application Server allows remote malicious users to bypass HTTP Server mod_access restrictions via a request to the webcache TCP port 7778.
Oracle Application Server 10.1.0.2
Oracle Application Server 10.1.0.3
Oracle Application Server 10.1.0.3.1
Oracle Application Server 10.1.2
1 EDB exploit
NA
CVE-2005-3204
Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows remote malicious users to inject arbitrary web script or HTML via the query string in an HTTP request.
Oracle Application Server 9.0.2.3
Oracle Application Server 9.0.3
Oracle Oracle9i Enterprise 9.0.1.4
Oracle Oracle9i Enterprise 9.0.1.5
Oracle Oracle9i Enterprise 9.0.1.5 Fips
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Enterprise 9.2.0.6
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Standard 9.0.1.2
Oracle Oracle9i Standard 9.0.1.3
Oracle Oracle9i Standard 9.0.1.4
Oracle Application Server 9.0.2.1
Oracle Application Server 9.0.2.2
Oracle Oracle9i Developer 9.0.4
Oracle Oracle9i Enterprise 9.0.1
Oracle Oracle9i Enterprise 9.2.0.3
Oracle Oracle9i Enterprise 9.2.0.4
Oracle Oracle9i Personal 9.0.4
Oracle Oracle9i Personal 9.2
Oracle Oracle9i Standard 9.0
Oracle Oracle9i Standard 9.0.1
1 EDB exploit
NA
CVE-2004-0637
Oracle Database Server 8.1.7.4 up to and including 9.2.0.4 allows local users to execute commands with additional privileges via the ctxsys.driload package, which is publicly accessible.
Oracle Oracle9i Standard 9.0.1.3
Oracle Oracle8i Enterprise 8.1.7 .4
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Enterprise 9.2.0.4
Oracle Oracle9i Personal 9.2.0.4
Oracle Oracle9i Standard 9.2.0.4
1 EDB exploit
NA
CVE-2009-0981
Unspecified vulnerability in the Application Express component in Oracle Database 11.1.0.7 allows remote authenticated users to affect confidentiality, related to APEX. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable resea...
Oracle Database 11g 11.1.0.7
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started