dotCMS 3.x SQL Injection

Title: Multiple SQL injection vulnerabilities in dotCMS 8x CVE Credit: Elar Lang / https://security.elarlang.eu Vendor/Product: dotCMS http://dotcms.com/ Vulnerability: SQL injection Vulnerable version: before 3.5; 3.3.1 and 3.3.2 depends on CVE CVE: CVE-2016-8902, CVE-2016-8903, CVE-2016-8904,...