Multiple SQL injection vulnerabilities in the Doctrine\DBAL\Platforms\AbstractPlatform::modifyLimitQuery function in Doctrine 1.x before 1.2.4 and 2.x before 2.0.3 allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset field.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2011-05-03T20:00:00Z
Updated: 2024-09-17T04:08:51.311Z
Reserved: 2011-03-28T00:00:00Z
Link: CVE-2011-1522
Vulnrichment
No data.
NVD
Status : Modified
Published: 2011-05-03T20:55:06.510
Modified: 2024-11-21T01:26:30.467
Link: CVE-2011-1522
Redhat
No data.