1 results (0.003 seconds)
CVSS: 9.8EPSS: 0%CPEs: 17EXPL: 0
CVSS: 9.8EPSS: 0%CPEs: 17EXPL: 0CVE-2011-1522
https://notcve.org/view.php?id=CVE-2011-1522
03 May 2011 — Multiple SQL injection vulnerabilities in the Doctrine\DBAL\Platforms\AbstractPlatform::modifyLimitQuery function in Doctrine 1.x before 1.2.4 and 2.x before 2.0.3 allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset field. Múltiples vulnerabilidades de inyección SQL en Doctrine\DBAL\Platforms\AbstractPlatform en la función modifyLimitQuery en Doctrine v1.x antes de v1.2.4 y v2.x antes de v2.0.3 permiten a atacantes remotos ejecutar comandos SQL a través de los campos(1) ... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622674 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •