Lucene search
RedhatCVELIST:CVE-2011-3197HistoryMar 20, 2014 - 7:00 p.m.
CVE-2011-3197
2014-03-2019:00:00
redhat
www.cve.org
3
SQL injection vulnerability in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the addrlink parameter to shared/inc/forms/domain_info.php. NOTE: CVE-2011-3197 has been SPLIT due to findings by different researchers. CVE-2011-5272 has been assigned for the vps_note parameter to dtcadmin/logPushlet.php vector.
References
git.gplhost.com/gitweb/?p=dtc.git%3Ba=blob%3Bf=debian/changelog%3Bhb=3eb6ef5cea6c571aae5e49e1930de778eca280c3
www.debian.org/security/2011/dsa-2365
www.openwall.com/lists/oss-security/2011/08/13/1
www.openwall.com/lists/oss-security/2011/08/24/10
bugs.debian.org/cgi-bin/bugreport.cgi?bug=637487
bugs.debian.org/cgi-bin/bugreport.cgi?bug=637498
Related
prion
prion
Sql injection
2014-03-21 04:38:00
Sql injection
2014-03-21 04:38:00
nvd
nvd
CVE-2011-5272
2014-03-21 04:38:53
CVE-2011-3197
2014-03-21 04:38:53
cve
cve
CVE-2011-5272
2014-03-21 04:38:53
CVE-2011-3197
2014-03-21 04:38:53
ubuntucve
ubuntucve
CVE-2011-5272
2014-03-21 00:00:00
CVE-2011-3197
2014-03-21 00:00:00
cvelist
cvelist
CVE-2011-5272
2014-03-20 19:00:00
debian
debian
[SECURITY] [DSA 2365-1] dtc security update
2011-12-18 20:31:53
securityvulns
securityvulns
[SECURITY] [DSA 2365-1] dtc security update
2011-12-26 00:00:00
nessus
nessus
Debian DSA-2365-1 : dtc - several vulnerabilities
2012-01-12 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2365-1)
2012-02-11 00:00:00
Debian Security Advisory DSA 2365-1 (dtc)
2012-02-11 00:00:00
osv
osv
dtc - several
2011-12-18 00:00:00