Description

SQL injection vulnerability in the SYS.DBMS_CDC_IPUBLISH.CREATE_SCN_CHANGE_SET procedure in Oracle Database Server 10g allows remote attackers to execute arbitrary SQL commands via the CHANGE_SET_NAME parameter.

Remediation

References

CVE-2005-1197

Related Vulnerabilities

Roundcube Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-12640)

WordPress Plugin Teamleader CRM Forms Cross-Site Scripting (2.0.0)

MySQL CVE-2013-3812 Vulnerability (CVE-2013-3812)

WordPress Plugin Freetobook review widget Unspecified Vulnerability (1.0)

MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-9405)

Severity

High

Classification

CVE-2005-1197

Tags

Missing Update Known Vulnerabilities