Domain Technologie Control Security Vulnerabilities and Issues — Domain Technologie Control CVE List

Lucene search

GplhostDomain Technologie Control

4 matches found

CVE•added 2011/03/07 9:0 p.m.•38 views

CVE-2011-0434

Multiple SQL injection vulnerabilities in Domain Technologie Control (DTC) before 0.32.9 allow remote attackers to execute arbitrary SQL commands via the cid parameter to (1) admin/bw_per_month.php or (2) client/bw_per_month.php.

7.5CVSS8.4AI score0.0108EPSS

Web

CVE•added 2014/03/21 4:38 a.m.•37 views

CVE-2011-5274

The drawAdminTools_PackageInstaller function in shared/inc/forms/packager.php in Domain Technologie Control (DTC) before 0.32.11 allows remote attackers to execute arbitrary commands via shell metacharacters in the dtcpkg_directory parameter in a do_install action to dtc/.

7.5CVSS7.9AI score0.00802EPSS

Web

CVE•added 2009/02/03 7:30 p.m.•35 views

CVE-2009-0402

SQL injection vulnerability in client/new_account.php in Domain Technologie Control (DTC) before 0.29.16 allows remote attackers to execute arbitrary SQL commands via the (1) familyname, (2) christname, (3) company_name, (4) is_company, (5) email, (6) phone, (7) fax, (8) addr1, (9) addr2, (10) addr...

7.5CVSS8.7AI score0.00706EPSS

Web

CVE•added 2014/03/21 4:38 a.m.•28 views

CVE-2011-5275

The install script in Domain Technologie Control (DTC) before 0.34.1 gives sudo permissions for chrootuid to the dtc user, which makes it easier for context-dependent users to gain privileges.

7.5CVSS6.9AI score0.00252EPSS