EUVD-2005-3202

Malware in sbrugna...

Oracle HTML DB 1.5/1.6 f p Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15031/info Oracle HTML DB is prone to cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affecte...

CVE-2005-3203

The manual installation of Oracle HTML DB HTMLDB 1.3 through 1.3.6 stores the SYS password in install.lst in plaintext, which allows local users to gain privileges...

CVE-2005-3202

CVE-2005-3202 affects Oracle HTML DB (HTMLDB) versions 1.3 through 1.3.6. The vulnerability is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML and, via the affected parameters, potentially execute SQL statements. The exploitation targets the (...

CVE-2005-3202

Multiple cross-site scripting XSS vulnerabilities in Oracle HTML DB HTMLDB 1.3 through 1.3.6 allow remote attackers to inject arbitrary web script or HTML, and subsequently execute SQL statements via the 1 p or 2 pt02 parameters...

CVE-2005-3203

The manual installation of Oracle HTML DB HTMLDB 1.3 through 1.3.6 stores the SYS password in install.lst in plaintext, which allows local users to gain privileges...

Oracle HTML DB 1.51.6 - f?p Cross-Site Scripting

Oracle HTML DB 1.51.6 - f?p Cross-Site Scripting source: https://www.securityfocus.com/bid/15031/info Oracle HTML DB is prone to cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context...

Oracle HTML DB 1.5/1.6 - 'f?p=' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15031/info Oracle HTML DB is prone to cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. An attacker can leverage...

Oracle HTML DB 1.51.6 - wwv_flow.accept?p_t02 Cross-Site Scripting

Oracle HTML DB 1.51.6 - wwvflow.accept?pt02 Cross-Site Scripting source: https://www.securityfocus.com/bid/15031/info Oracle HTML DB is prone to cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting use...

Oracle HTML DB 1.5/1.6 - 'wwv_flow.accept?p_t02' Cross-Site Scripting

source: https://www.securityfocus.com/bid/15031/info Oracle HTML DB is prone to cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. An attacker can leverage...