exploitDog

CVE-2005-2983

Опубликовано: 20 сент. 2005

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

SQL injection vulnerability in Oracle Reports that use Lexical References allows remote attackers to execute arbitrary SQL commands via the values in the parameter form that appears when the paramform parameter is set to yes.

Ссылки

http://lists.grok.org.uk/pipermail/full-disclosure/2005-September/037156.html
Exploit
Vendor Advisory
http://marc.info/?l=bugtraq&m=112681849113948&w=2
http://www.red-database-security.com/wp/sql_injection_reports_us.pdf
Exploit
Vendor Advisory
http://lists.grok.org.uk/pipermail/full-disclosure/2005-September/037156.html
Exploit
Vendor Advisory
http://marc.info/?l=bugtraq&m=112681849113948&w=2
http://www.red-database-security.com/wp/sql_injection_reports_us.pdf
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oracle:reports:1.00:*:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.01057

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-g845-m523-3rph

github

почти 4 года назад

SQL injection vulnerability in Oracle Reports that use Lexical References allows remote attackers to execute arbitrary SQL commands via the values in the parameter form that appears when the paramform parameter is set to yes.

EPSS

Процентиль: 77%

0.01057

Низкий

7.5 High

CVSS2

Дефекты

CWE-89