This script is Copyright (C) 2004-2014 Frank Berger
The login-page of Oracle9i iSQLplus allows the injection of HTML and
The remote host is running a version of the Oracle9i 'isqlplus' CGI
that is vulnerable to a cross-site scripting attack.
An attacker may exploit this flaw to steal the cookies of legitimate
users on the remote host.
See also :
No solution is known.
Risk factor :
Medium / CVSS Base Score : 4.3