CVE-2006-5599

EPSS 1.24% · P79 Updated Feb 27, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-5599

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Cross-site scripting (XSS) vulnerability in Oracle Application Express (formerly HTML DB) before 2.2.1 allows remote attackers to inject arbitrary HTML or web script via the WWV_FLOW_ITEM_HELP package. NOTE: it is likely that this issue overlaps one of the Oracle VulnIDs covered by CVE-2006-5351. Oracle has not publicly disputed claims by a reliable researcher that this has been fixed by the October 2006 CPU.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Oracle Application Express WWV_FLOW_ITEM_HELP数据包跨站脚本攻击漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Oracle Application Express (以前为HTML DB) 2.2.1之前版本中的存在跨站脚本攻击漏洞，远程攻击者可以通过WWV_FLOW_ITEM_HELP数据包来注入任意HTML或Web脚本。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2006-5599

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2006-5599

请登录查看更多情报信息。

http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2006.htmlx_refsource_MISC
http://www.red-database-security.com/advisory/oracle_apex_css_wwv_flow_item_help.htmlx_refsource_MISC
http://securityreason.com/securityalert/1792third-party-advisoryx_refsource_SREASON
http://www.us-cert.gov/cas/techalerts/TA06-291A.htmlthird-party-advisoryx_refsource_CERT
http://www.securityfocus.com/archive/1/449500/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2006-5599

Same Patch Batch · n/a · 2006-10-28 · 11 CVEs total

CVE-2006-5598		GOOP Gallery 'index.php'跨站脚本攻击漏洞
CVE-2006-5600		Axalto Protiva 本地安全信息泄露漏洞
CVE-2006-5601		Xsupplicant eap_do_notify()函数远程栈溢出漏洞
CVE-2006-5602		Xsupplicant eap_do_notify()函数远程栈溢出漏洞
CVE-2006-4513		wvWare多个整数溢出漏洞
CVE-2006-4574		Wireshark MIME协议解析器拒绝服务攻击漏洞
CVE-2006-5469		Wireshark WBXML的协议解析器拒绝服务漏洞
CVE-2006-5595		Wireshark AirPcap 未明WEP KEY解析器漏洞
CVE-2006-5596		Smartgate SSL Server目录遍历信息泄露漏洞
CVE-2006-5597		MiniHTTPServer Web Forum & File Server 'join.asp'绕过认证添加用户漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2006-5599

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2006-5599

I. Basic Information for CVE-2006-5599

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2006-5599

III. Intelligence Information for CVE-2006-5599

Same Patch Batch · n/a · 2006-10-28 · 11 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2006-5599

Leave a comment