4 matches found
CVE-2011-3197
SQL injection vulnerability in Domain Technologie Control DTC before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the addrlink parameter to shared/inc/forms/domaininfo.php. NOTE: CVE-2011-3197 has been SPLIT due to findings by different researchers. CVE-2011-5272...
Sql injection
SQL injection vulnerability in Domain Technologie Control DTC before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the addrlink parameter to shared/inc/forms/domaininfo.php. NOTE: CVE-2011-3197 has been SPLIT due to findings by different researchers. CVE-2011-5272...
Sql injection
SQL injection vulnerability in Domain Technologie Control DTC before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the vpsnote parameter to dtcadmin/logPushlet.php. NOTE: this issue was originally part of CVE-2011-3197, but that ID was SPLIT due to different...
CVE-2011-5272
Affected product: Domain Technologie Control (DTC) prior to 0.34.1. Vulnerability: SQL injection via the vps_note parameter to dtcadmin/logPushlet.php, allowing remote authenticated users to execute arbitrary SQL commands. Root cause (as stated): input handling leads to SQL injection; CVE-2011-52...