9826 matches found
Run any OS Command via unauthorized Oracle Forms
Name Run any OS Command via unauthorized Oracle Forms Systems Affected Oracle Web Forms 4.5, 5.0, 6.0, 6i, 9i, 10g Severity High Risk Category OS command execution Vendor URL http://www.oracle.com Author Alexander Kornbrust ak at red-database-security.com Date 18 July 2005 V 1.00 Advisory...
plsql_multiplestatement_injection.txt
/ Advanced SQL Injection in Oracle databases Executing OS Command with SQL Injection By Esteban Martinez Fayo [email protected] / CREATE OR REPLACE FUNCTION "SCOTT"."SQLI" return varchar2 authid currentuser as pragma autonomoustransaction; SqlCommand VARCHAR22048; BEGIN SqlCommand := ' CREATE OR...
Oracle Database PL/SQL Statement Multiple SQL Injection Exploits
Exploit for unknown platform in category local exploits ================================================================ Oracle Database PL/SQL Statement Multiple SQL Injection Exploits ================================================================ / Advanced SQL Injection in Oracle databases...
Oracle 8.x9.x10.x Database - Multiple SQL Injections
Oracle 8.x9.x10.x Database - Multiple SQL Injections source: https://www.securityfocus.com/bid/13144/info Oracle database is reported prone to multiple SQL injection vulnerabilities. These issues exist due to insufficient sanitization of user-supplied data. These issues can be exploited using...
paFileDB 3.1
============================ Security REPORT paFileDB 3.1 ============================ Product: paFileDB Version 3.1 and earlier Vulnerablities: arbitrary file-upload, path-traversal, arbitrary OS command-execution Vuln.-classes: http://www.owasp.org/asac/parametermanipulation/forms.shtml...
W-Agora 4.1.5
============================= Security REPORT W-Agora 4.1.5 ============================= Product: W-Agora 4.1.5 maybe earlier Vulnerablities: information disclosure, path disclosure, arbitrary file-upload, OS command execution, cross site scripting Vuln.-Classes: Check out...