Lucene search
MitreCVELIST:CVE-2017-5344HistoryFeb 17, 2017 - 7:45 a.m.
CVE-2017-5344
2017-02-1707:45:00
mitre
www.cve.org
An issue was discovered in dotCMS through 3.6.1. The findChildrenByFilter() function which is called by the web accessible path /categoriesServlet performs string interpolation and direct SQL query execution. SQL quote escaping and a keyword blacklist were implemented in a new class, SQLUtil (main/java/com/dotmarketing/common/util/SQLUtil.java), as part of the remediation of CVE-2016-8902; however, these can be overcome in the case of the q and inode parameters to the /categoriesServlet path. Overcoming these controls permits a number of blind boolean SQL injection vectors in either parameter. The /categoriesServlet web path can be accessed remotely and without authentication in a default dotCMS deployment.
Related
cve
cve
CVE-2017-5344
2017-02-17 07:59:00
CVE-2016-8902
2016-11-14 23:20:00
osv
osv
CVE-2017-5344
2017-02-17 07:59:00
prion
prion
Sql injection
2017-02-17 07:59:00
Sql injection
2016-11-14 23:20:00
openvas
openvas
dotCMS SQL Injection Vulnerability
2017-02-21 00:00:00
dotCMS Multiple SQL Injection Vulnerabilities
2016-11-02 00:00:00
nvd
nvd
CVE-2017-5344
2017-02-17 07:59:00
CVE-2016-8902
2016-11-14 23:20:00
cvelist
cvelist
CVE-2016-8902
2016-11-14 23:00:00
seebug
seebug
dotCMS Blind Boolean SQL Injection in dotCMS <= 3.6.1 (CVE-2017-5344)
2017-02-17 00:00:00
zdt
zdt
dotCMS 3.6.1 Blind Boolean SQL Injection Vulnerability
2017-02-18 00:00:00
dotCMS 3.x SQL Injection Vulnerability
2016-11-02 00:00:00
exploitpack
exploitpack
dotCMS 3.6.1 - Blind Boolean SQL Injection
2017-02-16 00:00:00
packetstorm
packetstorm
dotCMS 3.6.1 Blind Boolean SQL Injection
2017-02-15 00:00:00
dotCMS 3.x SQL Injection
2016-11-01 00:00:00
exploitdb
exploitdb
dotCMS 3.6.1 - Blind Boolean SQL Injection
2017-02-16 00:00:00