Description
Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 allow remote authenticated users to have unknown impact via (1) DBMS_JAVA_TEST in the JavaVM component (DB01), (2) Oracle Text component (DB09), and (3) MDSYS.SDO_GEOR_INT in the Spatial component (DB15). NOTE: a reliable researcher claims that DB01 is SQL injection in DBMS_PRVTAQIS.
Remediation
References
Related Vulnerabilities
Drupal Core 9.1.x Cross-Site Request Forgery (9.1.0 - 9.1.12)
SharePoint CVE-2021-28450 Vulnerability (CVE-2021-28450)
WordPress Plugin Pondol Form to Mail Cross-Site Scripting (1.1)
WordPress Plugin Weaver Show Posts Cross-Site Scripting (1.6)
PHP Deserialization of Untrusted Data Vulnerability (CVE-2017-11143)