3 matches found
Oracle DB SQL Injection Via SYS.DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.DBMSCDCSUBSCRIBE.ACTIVATESUBSCRIPTION', 'Description' = %q This module will escalate an Oracle DB user to DBA by...
CVE-2005-1197
SQL injection vulnerability in the SYS.DBMSCDCIPUBLISH.CREATESCNCHANGESET procedure in Oracle Database Server 10g allows remote attackers to execute arbitrary SQL commands via the CHANGESETNAME parameter...
CVE-2005-1197
CVE-2005-1197 is a SQL injection vulnerability in Oracle Database Server 10g affecting the SYS.DBMS_CDC_IPUBLISH.CREATE_SCN_CHANGE_SET procedure via the CHANGE_SET_NAME parameter. Remote attackers could potentially execute arbitrary SQL commands; impact and remediation details are not specified i...