CVE-2005-3202

N/A Unknown

Published: October 14, 2005 Modified: April 16, 2026

Description

Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTML DB (HTMLDB) 1.3 through 1.3.6 allow remote attackers to inject arbitrary web script or HTML, and subsequently execute SQL statements via the (1) p or (2) p_t02 parameters.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0173.html

Source: cve@mitre.org

Exploit Vendor Advisory

http://marc.info/?l=bugtraq&m=112870398418456&w=2

Source: cve@mitre.org

http://secunia.com/advisories/14935/

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/62

Source: cve@mitre.org

http://www.oracle.com/technology/deploy/security/pdf/cpuapr2005.pdf

Source: cve@mitre.org

Exploit Vendor Advisory

http://www.osvdb.org/20051

Source: cve@mitre.org

http://www.osvdb.org/20052

Source: cve@mitre.org

http://www.red-database-security.com/advisory/oracle_htmldb_css.html

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/15031

Source: cve@mitre.org

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/22540

Source: cve@mitre.org

http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0173.html