Oracle DB 10gR2, 11gR1/R2 DBMS_JVM_EXP_PERMS OS Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB 10gR2, 11gR1/R2 DBMSJVMEXPPERMS OS Command Execution', 'Description' = %q This module exploits a flaw 0 day in DBMSJVMEXPPERMS package...

Oracle SYS.LT.MERGEWORKSPACE Evil Cursor Exploit

Exploit for unknown platform in category local exploits ================================================ Oracle SYS.LT.MERGEWORKSPACE Evil Cursor Exploit ================================================ Title: Oracle SYS.LT.MERGEWORKSPACE Evil Cursor Exploit CVE-ID: OSVDB-ID: Author: Andrea...

Oracle DB SQL Injection via SYS.DBMS_CDC_IPUBLISH.ALTER_HOTLOG_INTERNAL_CSOURCE

The module exploits an sql injection flaw in the ALTERHOTLOGINTERNALCSOURCE procedure of the PL/SQL package DBMSCDCIPUBLISH. Any user with execute privilege on the vulnerable package can exploit this vulnerability. By default, users granted EXECUTECATALOGROLE have the required privilege. Affected...

Oracle DB SQL Injection via SYS.DBMS_CDC_PUBLISH.ALTER_AUTOLOG_CHANGE_SOURCE

The module exploits an sql injection flaw in the ALTERAUTOLOGCHANGESOURCE procedure of the PL/SQL package DBMSCDCPUBLISH. Any user with execute privilege on the vulnerable package can exploit this vulnerability. By default, users granted EXECUTECATALOGROLE have the required privilege. Affected...