6 matches found
EUVD-2006-1870
Malware in sbrugna...
Oracle DB SQL Injection Via DBMS_EXPORT_EXTENSION
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via DBMSEXPORTEXTENSION', 'Description' = %q This module will escalate an Oracle DB user to DBA by exploiting a sql...
CVE-2006-2081
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/sqli/oracle/dbmsexportextension.rb 2025-02-06 03:13:38+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:08:15+00:00| seen|...
Oracle DB SQL Injection via DBMS_EXPORT_EXTENSION
This module will escalate an Oracle DB user to DBA by exploiting a sql injection bug in the DBMSEXPORTEXTENSION.GETDOMAININDEXMETADATA package. Note: This module has been tested against 9i, 10gR1 and 10gR2. This module requires Metasploit: https://metasploit.com/download Current source:...
CVE-2006-2081
CVE-2006-2081 affects Oracle Database Server 10g Release 2, where local users can trigger arbitrary SQL via the GET_DOMAIN_INDEX_METADATA function in DBMS_EXPORT_EXTENSION. The primary issue is insecure privileges that allow SQL to be introduced outside of a character-based injection, not a tradi...
Design/Logic Flaw
Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and 10.2.0.2 has unknown impact and attack vectors in the Export component, aka Vuln DB05. NOTE: details are unavailable from Oracle, but as of 20060427, they have not publicly commented on whether DB05 is th...