Description

SQL injection vulnerability in Oracle Database Server 9.2.0.7 and 10.1.0.5 allows remote attackers to execute arbitrary SQL commands via the DELETE_FROM_TABLE function in the DBMS_LOGMNR_SESSION (Log Miner) package, aka Vuln# DB06.

Remediation

References

CVE-2006-1871

Related Vulnerabilities

phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9855)

Internet Information Services Other Vulnerability (CVE-2001-0902)

WordPress Plugin Comments-wpDiscuz SQL Injection (5.3.5)

Nginx Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9511)

silverstripeCMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4968)

Severity

Medium

Classification

CVE-2006-1871 CWE-138

Tags

Missing Update Known Vulnerabilities