CVE-2011-5276

Опубликовано: 21 мар. 2014

Источник: nvd

CVSS2: 6.5

EPSS Низкий

Описание

SQL injection vulnerability in the drawAdminTools_PackageInstaller function in shared/inc/forms/packager.php in Domain Technologie Control (DTC) before 0.32.11 allows remote authenticated users to execute arbitrary SQL commands via the database_name parameter.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:gplhost:domain_technologie_control:*:*:*:*:*:*:*:*

Версия до 0.32.7 (включая)

cpe:2.3:a:gplhost:domain_technologie_control:0.24.6:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.25.1:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.25.2:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.25.3:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.26.7:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.26.8:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.26.9:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.27.3:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.28.2:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.28.3:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.28.4:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.28.6:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.28.9:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.28.10:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.1:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.6:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.8:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.10:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.14:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.15:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.16:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.29.17:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.30.6:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.30.8:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.30.10:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.30.18:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.30.20:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.32.1:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.32.2:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.32.3:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.32.4:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.32.5:*:*:*:*:*:*:*

cpe:2.3:a:gplhost:domain_technologie_control:0.32.6:*:*:*:*:*:*:*

EPSS

Процентиль: 56%

0.00338

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

CVE-2011-5276

ubuntu

почти 12 лет назад

CVE-2011-5276

debian

почти 12 лет назад

SQL injection vulnerability in the drawAdminTools_PackageInstaller fun ...

GHSA-mh6x-m6m9-2rgr

github

больше 3 лет назад

EPSS

Процентиль: 56%

0.00338

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-89