WEB APPLICATION VULNERABILITIES Standard & Premium

Oracle Database Server CVE-2009-1968 Vulnerability (CVE-2009-1968)

Description

Unspecified vulnerability in the Secure Enterprise Search component in Oracle Database 10.1.8.3 allows remote attackers to affect integrity via unknown vectors. NOTE: the previous information was obtained from the July 2009 CPU. Oracle has not commented on claims from an established researcher that this is cross-site scripting (XSS) via the search_p_groups parameter in search/query/search.

Remediation

References

Related Vulnerabilities

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20042)

MySQL CVE-2019-2688 Vulnerability (CVE-2019-2688)

WordPress Plugin AccessPress Social Share includes Backdoor [Only if downloaded via the vendor website] (4.5.5)

MySQL CVE-2023-22033 Vulnerability (CVE-2023-22033)

WordPress 4.9.x Cross-Domain Flash Injection Vulnerability (4.9 - 4.9.1)

Severity

Medium

Classification

Tags

Missing Update Known Vulnerabilities