Oracle Html Db vulnerabilities
2 known vulnerabilities affecting oracle/html_db.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2005-3202P4MEDIUMCVSS 6.8PoCv1.3v1.3.62005-10-14
CVE-2005-3202 [MEDIUM] CVE-2005-3202: Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTML DB (HTMLDB) 1.3 through 1.3.6 all
Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTML DB (HTMLDB) 1.3 through 1.3.6 allow remote attackers to inject arbitrary web script or HTML, and subsequently execute SQL statements via the (1) p or (2) p_t02 parameters.
nvd
CVE-2005-3203P4MEDIUMCVSS 4.6v1.3v1.3.62005-10-14
CVE-2005-3203 [MEDIUM] CVE-2005-3203: The manual installation of Oracle HTML DB (HTMLDB) 1.3 through 1.3.6 stores the SYS password in inst
The manual installation of Oracle HTML DB (HTMLDB) 1.3 through 1.3.6 stores the SYS password in install.lst in plaintext, which allows local users to gain privileges.
nvd