CVE-2007-5508
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2007-5508
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple SQL injection vulnerabilities in the CTXSYS Intermedia application for the Oracle Text component (CTX_DOC) in Oracle Database 10.1.0.5 and 10.2.0.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) THEMES, (2) GIST, (3) TOKENS, (4) FILTER, (5) HIGHLIGHT, and (6) MARKUP procedures, aka DB03. NOTE: remote unauthenticated attack vectors exist when CTXSYS is used with oracle Application Server.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Oracle CTX_DOC软件包多个SQL注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Oracle Database是一款商业性质大型数据库系统。 Oracle 10g中的Intermedia应用的多个过程实现上存在SQL注入漏洞,远程攻击者可能利用此漏洞非授权访问数据库。 Oracle 10g中的Intermedia应用包含有名为CTX_DOC的软件包,该软件包中的THEMES、GIST、TOKENS、FILTER、HIGHLIGHT和MARKUP过程没有正确地验证SQL查询中的用户输入,允许数据库用户执行SQL注入攻击。如果通过Oracle应用服务器攻击的话则无须用户ID和口令就可以利
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2007-5508
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2007-5508
请登录查看更多情报信息。
- http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.htmlx_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2007-5508
Same Patch Batch · n/a · 2007-10-17 · 52 CVEs total
| CVE-2003-1358 | HP-UX rs.F3000未明未授权访问漏洞 | |
| CVE-2003-1373 | PHPBB Auth.PHP文件泄漏漏洞 | |
| CVE-2003-1372 | myPHPNuke Links.php跨站脚本漏洞 | |
| CVE-2003-1367 | Majordomo默认配置远程列表订阅者泄露漏洞 | |
| CVE-2003-1370 | Nuked-Klan Guestbook HTML注入漏洞 | |
| CVE-2003-1369 | ByteCatcher FTP Client超长服务器标志缓冲区溢出漏洞 | |
| CVE-2003-1368 | Electrasoft 32Bit FTP Client超长服务器标语缓冲区溢出漏洞 | |
| CVE-2003-1371 | Nuked-Klan远程信息泄露漏洞 | |
| CVE-2003-1360 | HP-UX landiag/lanadmin本地缓冲区溢出漏洞 | |
| CVE-2003-1359 | HP-UX stmkfont未明本地缓冲区溢出漏洞 | |
| CVE-2003-1361 | Veritas Bare Metal Restore远程代码执行漏洞 | |
| CVE-2007-5490 | Okul Otomasyon Portal 'Default.ASP' SQL注入漏洞 | |
| CVE-2007-5489 | Artmedic CMS 'Index.PHP' 本地文件包含漏洞 | |
| CVE-2007-5492 | SiteBar 翻译模块'translator.php' 静态代码注入漏洞 | |
| CVE-2007-5491 | SiteBar 翻译模块(translator.php)目录遍历漏洞 | |
| CVE-2007-5534 | Oracle PeopleSoft Enterprise和JD Edwards EnterpriseOne HCM组件未明远程攻击漏洞 | |
| CVE-2007-5533 | Oracle PeopleSoft Enterprise和JD Edwards EnterpriseOne People Tools组件安全漏洞 | |
| CVE-2007-5532 | Oracle PeopleSoft Enterprise和JD Edwards EnterpriseOne People Tools组件安全漏洞 | |
| CVE-2007-5531 | Oracle Help for Web 安全漏洞 | |
| CVE-2007-5530 | Oracle Database Enterprise Manager的Database Control组件未明影响和远程攻击漏洞 |
Showing top 20 of 52 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2007-5508
No comments yet