Oracle DB SQL Injection Via SYS.LT.ROLLBACKWORKSPACE

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.LT.ROLLBACKWORKSPACE', 'Description' = %q This module exploits a sql injection flaw in the ROLLBACKWORKSPACE...

Oracle DB SQL Injection Via SYS.LT.COMPRESSWORKSPACE

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.LT.COMPRESSWORKSPACE', 'Description' = %q This module exploits an sql injection flaw in the COMPRESSWORKSPACE...

Oracle exploit for CTXSYS.DRVXTABC.CREATE_TABLES and others

Hi! I've just released the working exploit for CTXSYS.DRVXTABC.CREATETABLES injection on Oracle DB 9i/10g CVE-2009-1991 You can find the code on my site, http://rawlab.mindcreations.com In particular, Classic SQL injection:...

Oracle DB SQL Injection via SYS.LT.ROLLBACKWORKSPACE

This module exploits a sql injection flaw in the ROLLBACKWORKSPACE procedure of the PL/SQL package SYS.LT. Any user with execute privilege on the vulnerable package can exploit this vulnerability. This module requires Metasploit: https://metasploit.com/download Current source:...

Design/Logic Flaw

Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LT and WMSYS.LT, a different vulnerability than CVE-2008-3982 and...

CVE-2008-3982

CVE-2008-3982 concerns SQL injection in Oracle Workspace Manager (Workspace Manager component) of Oracle Database. Connected sources document concrete exploits in SYS.LT.* procedures (COMPRESSWORKSPACE, MERGEWORKSPACE, REMOVEWORKSPACE) that allow an attacker with execute privilege to inject SQL, ...