CVE-2011-5274

Опубликовано: 21 мар. 2014

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

The drawAdminTools_PackageInstaller function in shared/inc/forms/packager.php in Domain Technologie Control (DTC) before 0.32.11 allows remote attackers to execute arbitrary commands via shell metacharacters in the dtcpkg_directory parameter in a do_install action to dtc/.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:gplhost:domain_technologie_control:*:*:*:*:*:*:*:*

Версия до 0.32.7 (включая)

cpe:2.3:a:gplhost:domain_technologie_control:0.24.6:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.25.1:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.25.2:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.25.3:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.26.7:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.26.8:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.26.9:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.27.3:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.28.2:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.28.3:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.28.4:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.28.6:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.28.9:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.28.10:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.1:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.6:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.8:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.10:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.14:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.15:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.16:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.17:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.30.6:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.30.8:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.30.10:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.30.18:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.30.20:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.32.1:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.32.2:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.32.3:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.32.4:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.32.5:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.32.6:*:*:*:*:*:*:*

EPSS

Процентиль: 74%

0.00802

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2011-5274

ubuntu

почти 12 лет назад

CVE-2011-5274

debian

почти 12 лет назад

The drawAdminTools_PackageInstaller function in shared/inc/forms/packa ...

GHSA-jjm6-qgxm-6cvv

github

больше 3 лет назад

EPSS

Процентиль: 74%

0.00802

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-noinfo