Lucene search

K
GplhostDomain Technologie Control

5 matches found

CVE
CVE
added 2014/03/21 4:38 a.m.47 views

CVE-2011-3195

shared/inc/sql/lists.php in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in mailing list tunable options.

6.5CVSS7.2AI score0.00709EPSS
CVE
CVE
added 2014/03/21 4:38 a.m.45 views

CVE-2011-3197

SQL injection vulnerability in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the addrlink parameter to shared/inc/forms/domain_info.php. NOTE: CVE-2011-3197 has been SPLIT due to findings by different researchers. CVE-2011-527...

6.5CVSS7.9AI score0.00601EPSS
CVE
CVE
added 2014/03/21 4:38 a.m.34 views

CVE-2011-5272

SQL injection vulnerability in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the vps_note parameter to dtcadmin/logPushlet.php. NOTE: this issue was originally part of CVE-2011-3197, but that ID was SPLIT due to different rese...

6.5CVSS7.9AI score0.00601EPSS
CVE
CVE
added 2014/03/21 4:38 a.m.33 views

CVE-2011-5273

Directory traversal vulnerability in shared/package-installer in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary PHP code via a .. (dot dot) in the pkg parameter in a do_install action to dtc/.

6.5CVSS7.4AI score0.01135EPSS
CVE
CVE
added 2014/03/21 4:38 a.m.33 views

CVE-2011-5276

SQL injection vulnerability in the drawAdminTools_PackageInstaller function in shared/inc/forms/packager.php in Domain Technologie Control (DTC) before 0.32.11 allows remote authenticated users to execute arbitrary SQL commands via the database_name parameter.

6.5CVSS8.2AI score0.00338EPSS