CVE-2011-1522

Published May 3, 2011

Last updated 3 months ago

CVSS info 7.5

Overview

Description: Multiple SQL injection vulnerabilities in the Doctrine\DBAL\Platforms\AbstractPlatform::modifyLimitQuery function in Doctrine 1.x before 1.2.4 and 2.x before 2.0.3 allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset field.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-89

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:doctrine-project:doctrine1.2.0:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B5B72AC-F38F-477C-9342-443D655C86D5"
          },
          {
            "criteria": "cpe:2.3:a:doctrine-project:doctrine1.2.1:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "444A8D64-C771-4E90-BB03-18E803239083"
          },
          {
            "criteria": "cpe:2.3:a:doctrine-project:doctrine1.2.2:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44879964-3946-421E-8D20-75C977A64F7B"
          },
          {
            "criteria": "cpe:2.3:a:doctrine-project:doctrine1.2.3:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6058D58B-9E14-4D96-9C1F-CE27F03A5C73"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:doctrine-project:doctrine:2.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E2C2091-BE4E-44E1-8A9B-948F241A65D5"
          },
          {
            "criteria": "cpe:2.3:a:doctrine-project:doctrine:2.0.0:alpha1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76FF647A-B286-4661-B2E1-C9937B1C44BA"
          },
          {
            "criteria": "cpe:2.3:a:doctrine-project:doctrine:2.0.0:alpha2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B03AC17C-6C68-4455-8D3E-DAFAF1A11855"
          },
          {
            "criteria": "cpe:2.3:a:doctrine-project:doctrine:2.0.0:alpha3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44DBF629-7517-4366-8E7B-A251695641C3"
          },
          {
            "criteria": "cpe:2.3:a:doctrine-project:doctrine:2.0.0:alpha4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7460A8AC-991A-4225-AE6A-52BFBB7D5AF6"
          },
          {
            "criteria": "cpe:2.3:a:doctrine-project:doctrine:2.0.0:beta1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "54D3E2BF-1DA7-492D-9D06-3D22CDDA4512"
          },
          {
            "criteria": "cpe:2.3:a:doctrine-project:doctrine:2.0.0:beta2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55F640ED-620A-4139-A936-8A78BBDCDE55"
          },
          {
            "criteria": "cpe:2.3:a:doctrine-project:doctrine:2.0.0:beta3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4BBDF5C-4B62-44B3-8FD6-AC389705C8DB"
          },
          {
            "criteria": "cpe:2.3:a:doctrine-project:doctrine:2.0.0:beta4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D91ACCC1-0407-4724-BEA1-80BBC2E31D0A"
          },
          {
            "criteria": "cpe:2.3:a:doctrine-project:doctrine:2.0.0:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B4A883C-A10D-4B6C-A1DD-8F4EC3AEDB74"
          },
          {
            "criteria": "cpe:2.3:a:doctrine-project:doctrine:2.0.0:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7CB1DCD-C760-4AB7-B0B2-A54911E5AE39"
          },
          {
            "criteria": "cpe:2.3:a:doctrine-project:doctrine:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9397F7E3-0444-4CA1-A4B2-C7634A115A3B"
          },
          {
            "criteria": "cpe:2.3:a:doctrine-project:doctrine:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "048B1E16-E26F-4C47-918F-C21DDCDB2057"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References