QwikSec

Security Database

CVE

CWE

Training

CVE-2011-1522

Published: May 3, 2011

Modified: Sep 17, 2024

PUBLISHED

Description

Multiple SQL injection vulnerabilities in the Doctrine\DBAL\Platforms\AbstractPlatform::modifyLimitQuery function in Doctrine 1.x before 1.2.4 and 2.x before 2.0.3 allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset field.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20110328 Re: CVE Request -- php-doctrine-Doctrine -- SQL injection flaw

mailing-list

x_refsource_MLIST

vdb-entry

x_refsource_BID

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622674

x_refsource_CONFIRM

vendor-advisory

x_refsource_DEBIAN

https://bugzilla.redhat.com/show_bug.cgi?id=689396

x_refsource_CONFIRM

[oss-security] 20110325 CVE Request -- php-doctrine-Doctrine -- SQL injection flaw

mailing-list

x_refsource_MLIST

http://www.doctrine-project.org/blog/doctrine-security-fix

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.