NuytsTech Security

CVE-2011-1522

by ·

Multiple SQL injection vulnerabilities in the DoctrineDBALPlatformsAbstractPlatform::modifyLimitQuery function in Doctrine 1.x before 1.2.4 and 2.x before 2.0.3 allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset field.

Date published : 2011-05-03

http://www.securityfocus.com/bid/47034

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=622674

Tags: