CVE-2011-5272

Affected product: Domain Technologie Control (DTC) prior to 0.34.1. Vulnerability: SQL injection via the vps_note parameter to dtcadmin/logPushlet.php, allowing remote authenticated users to execute arbitrary SQL commands. Root cause (as stated): input handling leads to SQL injection; CVE-2011-52...