Researcher issues Oracle DB 'cursor injection' warning David Litchfield's ongoing assault on Oracle databases has unearthed a new method of exploiting PL/SQL injection vulnerabilities.