47 matches found
Multiple SQL Injection Vulnerabilities in Oracle Application Server 9i and RDBMS (#NISR05112003)
NGSSoftware Insight Security Research Advisory. Name: Multiple Oracle Application Server SQL Injection Vulnerabilities. Systems Affected: All OS platforms; Oracle9i Application Server Release 1 and 2 and RDBMS. Severity: High Risk. Vendor URL: http://www.oracle.com/. Author: David Litchfield...
CVE-2002-1666
Unknown vulnerability in Oracle E-Business Suite 11i.1 through 11i.6 allows remote attackers to execute unauthorized PL/SQL procedures by modifying the Oracle Applications URL...
Oracle9i Application Server OWA_UTIL procedures expose sensitive information
Overview: Oracle9i Application Server (iAS) provides a Procedural Language/Structured Query Language (PL/SQL) application package called OWA_UTIL that provides web access to a number of stored procedures. These procedures could be used by an attacker to view the source code of PL/SQL applications, obta...
Oracle 9i Database Server PL/SQL module allows remote command execution without authentication
Overview: Oracle Database Server allows remote users to execute system commands without authenticating. Description: Oracle Database Server provides extended functionality through the use of Procedural Language/Structured Query Language (PL/SQL) libraries. PL/SQL includes commands to load arbitrary...
Adcycle 0.78b Authentication
Product: Adcycle Banner Rotation. Vendor URL: www.adcycle.com. Tested on: v0.77 - 0.78b Freeware Linux. Vendor Contact: Mailed on 15th January I think, twice with NO reply. Other: Commercial version NOT tested...
CVE-2000-0125
CVE-2000-0125 concerns wwwthreads where numeric data and table names passed to SQL queries are not properly sanitized. The underlying cause is improper input handling in SQL construction, enabling an unauthenticated, remote attacker to gain privileges on the wwwthreads forums. The available recor...
Hughes Technologies Mini SQL (mSQL) 2.0/2.0.10 - Information Disclosure
source: https://www.securityfocus.com/bid/591/info Under certain versions of Mini SQL, the w3-msql CGI script allows users to view directories which are set for private access via .htaccess files. W3-mSQL converts any form data passed to a script into global Lite variables and these variables can...