EIP-2026-104033

PRE-CVE

Oracle Forms 6i/9i/4.5.10/5.0/6.0.8/10g Services - Unauthorized Form Execution

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104033. PoCs published by Alexander Kornbrust.

AI-analyzed exploit summary The provided text describes an unauthorized form execution vulnerability in Oracle Forms Services, allowing remote command execution if an attacker can write files to the server. It includes example URLs demonstrating the exploit path but lacks functional exploit code.

Description

Oracle Forms 6i/9i/4.5.10/5.0/6.0.8/10g Services - Unauthorized Form Execution

Exploits (1)

exploitdb WRITEUP VERIFIED

by Alexander Kornbrust · textremotemultiple

https://www.exploit-db.com/exploits/26013

View Code ZIP pw:eip

The provided text describes an unauthorized form execution vulnerability in Oracle Forms Services, allowing remote command execution if an attacker can write files to the server. It includes example URLs demonstrating the exploit path but lacks functional exploit code.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: Oracle Forms Services

No auth needed

Prerequisites: Ability to write files to the target server via WebDAV, FTP, CIFS, etc.

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026