Description
Unspecified vulnerability in Oracle Spatial component in Oracle Database 10.2.0.2 has unknown impact and remote authenticated attack vectors related to "create session" privileges, aka Vuln# DB02. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB02 is for SQL injection in the SDO_DROP_USER_BEFORE package using a Trigger for a DROP USER statement in an anonymous PL/SQL block.
Remediation
References
Related Vulnerabilities
WordPress Plugin Export Users With Meta SQL Injection (0.6.4)
WordPress Plugin WP Symposium Multiple Vulnerabilities (14.10)
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-14893)
WordPress Plugin jQuery Reply to Comment Cross-Site Request Forgery (1.31)
WordPress Plugin Rencontre-Dating Site Multiple Vulnerabilities (3.2.1)