Description

SQL injection vulnerability in session.php in DotClear before 1.2.3 allows remote attackers to execute arbitrary SQL commands via the dc_xd parameter in a cookie.

Remediation

References

CVE-2005-3963

Related Vulnerabilities

Apache Tomcat Improper Access Control Vulnerability (CVE-2016-8735)

MySQL CVE-2013-5786 Vulnerability (CVE-2013-5786)

WordPress 5.4.x Multiple Vulnerabilities (5.4 - 5.4.8)

MySQL CVE-2021-2201 Vulnerability (CVE-2021-2201)

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-4382)

Severity

High

Classification

CVE-2005-3963

Tags

Missing Update Known Vulnerabilities