ByteOS Network

NVD Vulnerability Details :

CVE-2011-3197

Deferred

Source-secalert@redhat.com

Published At-21 Mar, 2014 | 04:38

Updated At-12 Apr, 2025 | 10:46

SQL injection vulnerability in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the addrlink parameter to shared/inc/forms/domain_info.php. NOTE: CVE-2011-3197 has been SPLIT due to findings by different researchers. CVE-2011-5272 has been assigned for the vps_note parameter to dtcadmin/logPushlet.php vector.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	6.5	MEDIUM	AV:N/AC:L/Au:S/C:P/I:P/A:P

CPE Matches

gplhost>>domain_technologie_control>>Versions up to 0.32.11(inclusive)

cpe:2.3:a:gplhost:domain_technologie_control:*:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.24.6

cpe:2.3:a:gplhost:domain_technologie_control:0.24.6:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.25.1

cpe:2.3:a:gplhost:domain_technologie_control:0.25.1:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.25.2

cpe:2.3:a:gplhost:domain_technologie_control:0.25.2:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.25.3

cpe:2.3:a:gplhost:domain_technologie_control:0.25.3:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.26.7

cpe:2.3:a:gplhost:domain_technologie_control:0.26.7:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.26.8

cpe:2.3:a:gplhost:domain_technologie_control:0.26.8:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.26.9

cpe:2.3:a:gplhost:domain_technologie_control:0.26.9:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.27.3

cpe:2.3:a:gplhost:domain_technologie_control:0.27.3:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.28.2

cpe:2.3:a:gplhost:domain_technologie_control:0.28.2:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.28.3

cpe:2.3:a:gplhost:domain_technologie_control:0.28.3:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.28.4

cpe:2.3:a:gplhost:domain_technologie_control:0.28.4:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.28.6

cpe:2.3:a:gplhost:domain_technologie_control:0.28.6:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.28.9

cpe:2.3:a:gplhost:domain_technologie_control:0.28.9:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.28.10

cpe:2.3:a:gplhost:domain_technologie_control:0.28.10:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.29.1

cpe:2.3:a:gplhost:domain_technologie_control:0.29.1:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.29.6

cpe:2.3:a:gplhost:domain_technologie_control:0.29.6:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.29.8

cpe:2.3:a:gplhost:domain_technologie_control:0.29.8:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.29.10

cpe:2.3:a:gplhost:domain_technologie_control:0.29.10:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.29.14

cpe:2.3:a:gplhost:domain_technologie_control:0.29.14:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.29.15

cpe:2.3:a:gplhost:domain_technologie_control:0.29.15:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.29.16

cpe:2.3:a:gplhost:domain_technologie_control:0.29.16:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.29.17

cpe:2.3:a:gplhost:domain_technologie_control:0.29.17:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.30.6

cpe:2.3:a:gplhost:domain_technologie_control:0.30.6:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.30.8

cpe:2.3:a:gplhost:domain_technologie_control:0.30.8:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.30.10

cpe:2.3:a:gplhost:domain_technologie_control:0.30.10:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.30.18

cpe:2.3:a:gplhost:domain_technologie_control:0.30.18:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.30.20

cpe:2.3:a:gplhost:domain_technologie_control:0.30.20:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.32.1

cpe:2.3:a:gplhost:domain_technologie_control:0.32.1:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.32.2

cpe:2.3:a:gplhost:domain_technologie_control:0.32.2:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.32.3

cpe:2.3:a:gplhost:domain_technologie_control:0.32.3:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.32.4

cpe:2.3:a:gplhost:domain_technologie_control:0.32.4:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.32.5

cpe:2.3:a:gplhost:domain_technologie_control:0.32.5:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.32.6

cpe:2.3:a:gplhost:domain_technologie_control:0.32.6:*:*:*:*:*:*:*

gplhost>>domain_technologie_control>>0.32.7

cpe:2.3:a:gplhost:domain_technologie_control:0.32.7:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-89	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
http://git.gplhost.com/gitweb/?p=dtc.git%3Ba=blob%3Bf=debian/changelog%3Bhb=3eb6ef5cea6c571aae5e49e1930de778eca280c3	secalert@redhat.com	N/A
http://www.debian.org/security/2011/dsa-2365	secalert@redhat.com	N/A
http://www.openwall.com/lists/oss-security/2011/08/13/1	secalert@redhat.com	N/A
http://www.openwall.com/lists/oss-security/2011/08/24/10	secalert@redhat.com	N/A
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637487	secalert@redhat.com	N/A
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637498	secalert@redhat.com	N/A
http://git.gplhost.com/gitweb/?p=dtc.git%3Ba=blob%3Bf=debian/changelog%3Bhb=3eb6ef5cea6c571aae5e49e1930de778eca280c3	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.debian.org/security/2011/dsa-2365	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.openwall.com/lists/oss-security/2011/08/13/1	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.openwall.com/lists/oss-security/2011/08/24/10	af854a3a-2127-422b-91ae-364da2661108	N/A
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637487	af854a3a-2127-422b-91ae-364da2661108	N/A
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=637498	af854a3a-2127-422b-91ae-364da2661108	N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History