Description
SQL injection vulnerability in the SYS.DBMS_AQADM_SYS package in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 allows remote authenticated users to inject arbitrary SQL commands via unknown vectors, aka DB04. NOTE: as of 20070424, Oracle has not disputed reliable claims that DB04 is actually for multiple vulnerabilities.
Remediation
References
Related Vulnerabilities
WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.8)
WordPress Plugin Really Simple Guest Post Local File Inclusion (1.0.6)
WordPress Plugin WPeMatico RSS Feed Fetcher Cross-Site Scripting (2.3.7)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1159)
WordPress Plugin Click to Call or Chat Buttons Cross-Site Scripting (1.4.0)