CVE-2011-3195

Опубликовано: 21 мар. 2014

Источник: nvd

CVSS2: 6.5

EPSS Низкий

Описание

shared/inc/sql/lists.php in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in mailing list tunable options.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:gplhost:domain_technologie_control:*:*:*:*:*:*:*:*

Версия до 0.32.11 (включая)

cpe:2.3:a:gplhost:domain_technologie_control:0.24.6:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.25.1:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.25.2:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.25.3:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.26.7:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.26.8:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.26.9:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.27.3:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.28.2:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.28.3:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.28.4:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.28.6:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.28.9:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.28.10:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.1:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.6:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.8:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.10:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.14:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.15:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.16:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.17:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.30.6:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.30.8:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.30.10:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.30.18:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.30.20:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.32.1:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.32.2:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.32.3:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.32.4:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.32.5:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.32.6:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.32.7:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00709

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2011-3195

ubuntu

почти 12 лет назад

shared/inc/sql/lists.php in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in mailing list tunable options.

CVE-2011-3195

debian

почти 12 лет назад

shared/inc/sql/lists.php in Domain Technologie Control (DTC) before 0. ...

GHSA-jxfv-83cp-632p

github

больше 3 лет назад

shared/inc/sql/lists.php in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in mailing list tunable options.

EPSS

Процентиль: 72%

0.00709

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-20