Description

SQL injection vulnerability in Oracle Database Server 9.2.0.7 and 10.1.0.5 allows remote attackers to execute arbitrary SQL commands via the DELETE_FROM_TABLE function in the DBMS_LOGMNR_SESSION (Log Miner) package, aka Vuln# DB06.

Remediation

References

CVE-2006-1871

Related Vulnerabilities

phpMyAdmin Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2016-6631)

WordPress Plugin More from Google Cross-Site Scripting (0.0.2)

Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-12529)

WordPress Plugin bbPress Social Network Multiple Cross-Site Scripting Vulnerabilities (9.2)

WordPress Plugin Simple File List Multiple Vulnerabilities (3.2.4)

Severity

Medium

Classification

CVE-2006-1871 CWE-138

Tags

Missing Update Known Vulnerabilities