Description
Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 allow remote authenticated users to have unknown impact via (1) DBMS_JAVA_TEST in the JavaVM component (DB01), (2) Oracle Text component (DB09), and (3) MDSYS.SDO_GEOR_INT in the Spatial component (DB15). NOTE: a reliable researcher claims that DB01 is SQL injection in DBMS_PRVTAQIS.
Remediation
References
Related Vulnerabilities
WordPress Plugin Joy Of Text Lite-SMS messaging for WordPress SQL Injection (2.3.0)
XWikiplatform Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-31988)
Oracle HTTP Server CVE-2021-35666 Vulnerability (CVE-2021-35666)
Drupal URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-7943)