CVE-2011-1522
EPSS 0.60%doctrine - SQL injection
發布日:2011/5/3修改日:2026/5/27
也稱為:DEBIAN-CVE-2011-1522
描述
Multiple SQL injection vulnerabilities in the Doctrine\DBAL\Platforms\AbstractPlatform::modifyLimitQuery function in Doctrine 1.x before 1.2.4 and 2.x before 2.0.3 allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset field.
受影響套件(2)
- Debian/doctrinefrom 0, < 1.2.4-1
- Debian/doctrinefrom 0, < 1.2.2-2+squeeze1