Description
SQL injection vulnerability in the SYS.DBMS_AQADM_SYS package in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 allows remote authenticated users to inject arbitrary SQL commands via unknown vectors, aka DB04. NOTE: as of 20070424, Oracle has not disputed reliable claims that DB04 is actually for multiple vulnerabilities.
Remediation
References
Related Vulnerabilities
WordPress Plugin SI CAPTCHA Anti-Spam Cross-Site Scripting (2.7.5)
MySQL CVE-2015-4792 Vulnerability (CVE-2015-4792)
jQuery Validation Other Vulnerability (CVE-2021-43306)
Oracle Application Server Other Vulnerability (CVE-2006-5362)
WordPress Plugin NextGEN Gallery-WordPress Gallery 'xml/media-rss.php' Cross-Site Scripting (1.5.1)