Doctrine-project » Doctrine : Security Vulnerabilities, CVEs,
Multiple SQL injection vulnerabilities in the Doctrine\DBAL\Platforms\AbstractPlatform::modifyLimitQuery function in Doctrine 1.x before 1.2.4 and 2.x before 2.0.3 allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset field.
Max CVSS
7.5
EPSS Score
0.63%
Published
2011-05-03
Updated
2011-05-31
1 vulnerabilities found