* Oracle Enterprise Manager Database Control versions 126.96.36.199 and 188.8.131.52
* Oracle Enterprise Manager 10g Grid Control version 10.2.0.4 and prior
SQL Injection works by attempting to modify the parameters passed to an application to change the SQL statements that are passed to a database. SQL injection can be used to insert additional SQL statements to be executed. The 'Type', 'snapshot' and 'table' parameters used in web page /em/console/ecm/history/configHistory and 'fConfigGuid' parameter used in /em/console/ecm/config/compare/compareWizSecondConfig are vulnerable to SQL Injection attacks. These web pages are part of Oracle Enterprise Manager web application. It may be possible for a malicious user to execute a function with the elevated privileges of the SYSMAN database user in the repository database. This user has the DBA role granted.