CVE-2011-0434

Published: Mar 7, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

Multiple SQL injection vulnerabilities in Domain Technologie Control (DTC) before 0.32.9 allow remote attackers to execute arbitrary SQL commands via the cid parameter to (1) admin/bw_per_month.php or (2) client/bw_per_month.php.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

43523

third-party-advisory

x_refsource_SECUNIA

ADV-2011-0556

vdb-entry

x_refsource_VUPEN

http://packages.debian.org/changelogs/pool/main/d/dtc/dtc_0.29.17-1+lenny1/changelog

x_refsource_CONFIRM

dtc-cid-sql-injection(65895)

vdb-entry

x_refsource_XF

http://git.gplhost.com/gitweb/?p=dtc.git%3Ba=commit%3Bh=89da9c519b04cda1b23e6290d2b0a6cea1bae31e

x_refsource_CONFIRM

DSA-2179

vendor-advisory

x_refsource_DEBIAN

http://git.gplhost.com/gitweb/?p=dtc.git%3Ba=commit%3Bh=e94e8b9cc354bfcaeb284d5331b815256bb46162

x_refsource_CONFIRM

http://packages.debian.org/changelogs/pool/main/d/dtc/dtc_0.32.10-1/changelog

x_refsource_CONFIRM

[dtcannounce] 20110303 Fwd: [SECURITY] [DSA 2179-1] dtc security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2011-0434

Description

Affected Products

References