Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2011-3197
HistoryMar 21, 2014 - 4:38 a.m.

CVE-2011-3197

2014-03-2104:38:53
CWE-89
[email protected]
web.nvd.nist.gov
31
cve-2011-3197
sql injection
dtc
remote authenticated
addrlink parameter
domain_info.php

7.9 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

65.5%

JSON

SQL injection vulnerability in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the addrlink parameter to shared/inc/forms/domain_info.php. NOTE: CVE-2011-3197 has been SPLIT due to findings by different researchers. CVE-2011-5272 has been assigned for the vps_note parameter to dtcadmin/logPushlet.php vector.

Affected configurations

NVD
Node
gplhostdomain_technologie_controlRange0.32.11
OR
gplhostdomain_technologie_controlMatch0.24.6
OR
gplhostdomain_technologie_controlMatch0.25.1
OR
gplhostdomain_technologie_controlMatch0.25.2
OR
gplhostdomain_technologie_controlMatch0.25.3
OR
gplhostdomain_technologie_controlMatch0.26.7
OR
gplhostdomain_technologie_controlMatch0.26.8
OR
gplhostdomain_technologie_controlMatch0.26.9
OR
gplhostdomain_technologie_controlMatch0.27.3
OR
gplhostdomain_technologie_controlMatch0.28.2
OR
gplhostdomain_technologie_controlMatch0.28.3
OR
gplhostdomain_technologie_controlMatch0.28.4
OR
gplhostdomain_technologie_controlMatch0.28.6
OR
gplhostdomain_technologie_controlMatch0.28.9
OR
gplhostdomain_technologie_controlMatch0.28.10
OR
gplhostdomain_technologie_controlMatch0.29.1
OR
gplhostdomain_technologie_controlMatch0.29.6
OR
gplhostdomain_technologie_controlMatch0.29.8
OR
gplhostdomain_technologie_controlMatch0.29.10
OR
gplhostdomain_technologie_controlMatch0.29.14
OR
gplhostdomain_technologie_controlMatch0.29.15
OR
gplhostdomain_technologie_controlMatch0.29.16
OR
gplhostdomain_technologie_controlMatch0.29.17
OR
gplhostdomain_technologie_controlMatch0.30.6
OR
gplhostdomain_technologie_controlMatch0.30.8
OR
gplhostdomain_technologie_controlMatch0.30.10
OR
gplhostdomain_technologie_controlMatch0.30.18
OR
gplhostdomain_technologie_controlMatch0.30.20
OR
gplhostdomain_technologie_controlMatch0.32.1
OR
gplhostdomain_technologie_controlMatch0.32.2
OR
gplhostdomain_technologie_controlMatch0.32.3
OR
gplhostdomain_technologie_controlMatch0.32.4
OR
gplhostdomain_technologie_controlMatch0.32.5
OR
gplhostdomain_technologie_controlMatch0.32.6
OR
gplhostdomain_technologie_controlMatch0.32.7
CPENameOperatorVersion
gplhost:domain_technologie_controlgplhost domain technologie controlle0.32.11
gplhost:domain_technologie_controlgplhost domain technologie controleq0.24.6
gplhost:domain_technologie_controlgplhost domain technologie controleq0.25.1
gplhost:domain_technologie_controlgplhost domain technologie controleq0.25.2
gplhost:domain_technologie_controlgplhost domain technologie controleq0.25.3
gplhost:domain_technologie_controlgplhost domain technologie controleq0.26.7
gplhost:domain_technologie_controlgplhost domain technologie controleq0.26.8
gplhost:domain_technologie_controlgplhost domain technologie controleq0.26.9
gplhost:domain_technologie_controlgplhost domain technologie controleq0.27.3
gplhost:domain_technologie_controlgplhost domain technologie controleq0.28.2
Rows per page:
1-10 of 351

Related

prion 2
cve 1
nvd 2
ubuntucve 2
cvelist 2
nessus 1
openvas 2
debian 1
securityvulns 2
osv 1
prion
prion
Sql injection
2014-03-21 04:38:00
Sql injection
2014-03-21 04:38:00
cve
cve
CVE-2011-5272
2022-10-03 16:15:12
nvd
nvd
CVE-2011-5272
2014-03-21 04:38:53
CVE-2011-3197
2014-03-21 04:38:53
ubuntucve
ubuntucve
CVE-2011-5272
2014-03-21 00:00:00
CVE-2011-3197
2014-03-21 00:00:00
cvelist
cvelist
CVE-2011-3197
2014-03-20 19:00:00
CVE-2011-5272
2022-10-03 16:15:12
nessus
nessus
Debian DSA-2365-1 : dtc - several vulnerabilities
2012-01-12 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2365-1)
2012-02-11 00:00:00
Debian Security Advisory DSA 2365-1 (dtc)
2012-02-11 00:00:00
debian
debian
[SECURITY] [DSA 2365-1] dtc security update
2011-12-18 20:48:08
securityvulns
securityvulns
[SECURITY] [DSA 2365-1] dtc security update
2011-12-26 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2011-12-26 00:00:00
osv
osv
dtc - several
2011-12-18 00:00:00

7.9 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

65.5%

JSON
Related for CVE-2011-3197
prion2cve1nvd2ubuntucve2cvelist2nessus1openvas2debian1securityvulns2osv1