This script is Copyright (C) 2004-2015 Frank Berger
The login-page of Oracle9i iSQLplus allows the injection of HTML and
The remote host is running a version of the Oracle9i 'isqlplus' CGI
that is vulnerable to a cross-site scripting attack.
An attacker may exploit this flaw to steal the cookies of legitimate
users on the remote host.
See also :
No solution is known.
Risk factor :
Medium / CVSS Base Score : 4.3
Family: CGI abuses : XSS
Nessus Plugin ID: 12112 ()
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.