Description
Unspecified vulnerability in Oracle Spatial component in Oracle Database 10.2.0.2 has unknown impact and remote authenticated attack vectors related to "create session" privileges, aka Vuln# DB02. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB02 is for SQL injection in the SDO_DROP_USER_BEFORE package using a Trigger for a DROP USER statement in an anonymous PL/SQL block.
Remediation
References
Related Vulnerabilities
Oracle Application Server CVE-2006-3712 Vulnerability (CVE-2006-3712)
WordPress Plugin wp-publications Local File Inclusion (0.0)
Magento Violation of Secure Design Principles Vulnerability (CVE-2021-28583)
WordPress Plugin Gravity Forms Dynamics CRM Cross-Site Scripting (1.0.7)
WordPress Plugin Advanced File Manager Directory Traversal (5.1)