Description
SQL injection vulnerability in the SYS.DBMS_CDC_IPUBLISH.CREATE_SCN_CHANGE_SET procedure in Oracle Database Server 10g allows remote attackers to execute arbitrary SQL commands via the CHANGE_SET_NAME parameter.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2014-6546 Vulnerability (CVE-2014-6546)
Joomla! Core 3.x.x Cross-Site Request Forgery (3.2.0 - 3.9.12)
Liferay Portal Excessive Iteration Vulnerability (CVE-2024-25144)
MySQL CVE-2015-4866 Vulnerability (CVE-2015-4866)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0122)