4 matches found
CVE-2011-3197
SQL injection vulnerability in Domain Technologie Control DTC before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the addrlink parameter to shared/inc/forms/domaininfo.php. NOTE: CVE-2011-3197 has been SPLIT due to findings by different researchers. CVE-2011-5272...
Sql injection
SQL injection vulnerability in Domain Technologie Control DTC before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the addrlink parameter to shared/inc/forms/domaininfo.php. NOTE: CVE-2011-3197 has been SPLIT due to findings by different researchers. CVE-2011-5272...
CVE-2011-3197
SQL injection vulnerability in Domain Technologie Control DTC before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the addrlink parameter to shared/inc/forms/domaininfo.php. NOTE: CVE-2011-3197 has been SPLIT due to findings by different researchers. CVE-2011-5272...
CVE-2011-3197
Summary: CVE-2011-3197 refers to an SQL injection in Domain Technologies Control (DTC) before version 0.34.1. The vulnerability can be triggered by unsafely handling user-provided parameters in web forms. The original CVE-2011-3197 has been split; CVE-2011-5272 covers the vps_note parameter path ...