Description
The installation process for Oracle 10g and llg uses accounts with default passwords, which allows remote attackers to obtain login access by connecting to the Listener. NOTE: at the end of the installation, if performed using the Database Configuration Assistant (DBCA), most accounts are disabled or their passwords are changed.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2012-1751 Vulnerability (CVE-2012-1751)
MySQL CVE-2019-2815 Vulnerability (CVE-2019-2815)
WordPress Plugin Contact Form Email Cross-Site Scripting (1.3.24)
MySQL CVE-2015-2620 Vulnerability (CVE-2015-2620)
WordPress Plugin BuddyPress Activity Plus Multiple Vulnerabilities (1.6.1)