← back
CVE-2011-5276

CVE-2011-5276

EPSS 1.1%
SQL injection vulnerability in the drawAdminTools_PackageInstaller function in shared/inc/forms/packager.php in Domain Technologie Control (DTC) before 0.32.11 allows remote authenticated users to execute arbitrary SQL commands via the database_name parameter.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://git.gplhost.com/gitweb/?p=dtc.git%3Ba=blob%3Bf=debian/changelog%3Bh=dec9970db76b82295e9003ca34cecab8d629da4f%3Bhb=65a7a1b166ea3c4325efd4da80a78498c829aa5ahttp://git.gplhost.com/gitweb/?p=dtc.git%3Ba=commitdiff%3Bh=541d8457a6989a1a925bb866ed972a5f07c2de64https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637632http://www.debian.org/security/2011/dsa-2365