3 matches found
CVE-2007-5766
SQL injection vulnerability in okxLOV.jsp in Oracle E-Business Suite 11 and 12 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: this is probably the same issue as CVE-2007-5527 or CVE-2007-5528, but there are insufficient details to be sure...
CVE-2007-5766
The vulnerability CVE-2007-5766 affects Oracle E-Business Suite 11/12, specifically the okxLOV.jsp page in the Administration console. The root cause is improper input handling that allows an attacker to inject arbitrary SQL in the context of the APPS user, enabling remote exploitation without au...
ZDI-07-058: Oracle E-Business Suite SQL Injection Vulnerability
ZDI-07-058: Oracle E-Business Suite SQL Injection Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-058.html October 16, 2007 -- CVE ID: CVE-2007-5766 -- Affected Vendor: Oracle -- Affected Products: E-Business Suite 11 E-Business Suite 12 -- TippingPointTM IPS Customer Protection:...