Description
Unspecified vulnerability in the Core RDBMS component in Oracle Database 10.1.0.5 has unknown impact and remote authenticated attack vectors related to sys.dbms_sqltune, aka Vuln# DB10. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB10 is for SQL injection in DROP_SQLSET, DELETE_SQLSET, SELECT_SQLSET, and I_SET_TUNING_PARAMETER. NOTE: some of these vectors might be in DBMS_SQLTUNE_INTERNAL.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Import Export Lite Information Disclosure (3.9.15)
WordPress Plugin Blogger To WordPress SQL Injection (2.2.1)
WordPress Plugin Wp Multiple Meta Box SQL Injection (1.0.0)
Oracle HTTP Server Use After Free Vulnerability (CVE-2019-10082)
WordPress Plugin MasterStudy LMS-for Online Courses and Education Security Bypass (3.2.13)