Description
Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB21 for Statistics and (2) DB22 for Upgrade & Downgrade. NOTE: as of 20060719, Oracle has not disputed a claim by a reliable researcher that DB21 is for a local SQL injection vulnerability in SYS.DBMS_STATS, and that DB22 is for SQL injection in SYS.DBMS_UPGRADE.
Remediation
References
Related Vulnerabilities
Moodle CVE-2019-3852 Vulnerability (CVE-2019-3852)
WordPress Plugin InfiniteWP Client PHP Object Injection (1.6.0)
Oracle Database Server CVE-2007-0268 Vulnerability (CVE-2007-0268)
WordPress Plugin Reviews Plus Denial of Service (1.2.13)
WordPress Plugin Appointment Booking Calendar CSV Injection (1.3.34)