Vulnerabilities > CVE-2007-1506 - Cross-Site Scripting vulnerability in Oracle Portal P_OldURL Parameter
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Cross-site scripting (XSS) vulnerability in PORTAL.wwv_main.render_warning_screen in the Oracle Portal 10g allows remote attackers to inject arbitrary web script or HTML via the (1) p_oldurl and (2) p_newurl parameters.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Oracle Portal 10g P_OldURL Parameter Cross-Site Scripting Vulnerability. CVE-2007-1506. Remote exploits for multiple platform |
id | EDB-ID:29749 |
last seen | 2016-02-03 |
modified | 2007-03-16 |
published | 2007-03-16 |
reporter | d3nx |
source | https://www.exploit-db.com/download/29749/ |
title | Oracle Portal 10g P_OldURL Parameter Cross-Site Scripting Vulnerability |