Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
doctrine-project vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2011-1522
Multiple SQL injection vulnerabilities in the Doctrine\DBAL\Platforms\AbstractPlatform::modifyLimitQuery function in Doctrine 1.x prior to 1.2.4 and 2.x prior to 2.0.3 allow remote malicious users to execute arbitrary SQL commands via the (1) limit or (2) offset field.
Doctrine-project Doctrine1.2.1
Doctrine-project Doctrine1.2.3
Doctrine-project Doctrine1.2.0
Doctrine-project Doctrine1.2.2
Doctrine-project Doctrine 2.0.0
Doctrine-project Doctrine 2.0.1
Doctrine-project Doctrine 2.0.2
7.2
CVSSv2
CVE-2015-5723
Doctrine Annotations prior to 1.2.7, Cache prior to 1.3.2 and 1.4.x prior to 1.4.2, Common prior to 2.4.3 and 2.5.x prior to 2.5.1, ORM prior to 2.4.8 or 2.5.x prior to 2.5.1, MongoDB ODM prior to 1.0.2, and MongoDB ODM Bundle prior to 3.0.1 use world-writable permissions for cac...
Zend Zend-cache 2.5.1
Zend Zend-cache 2.5.0
Zend Zend-cache 2.5.2
Zend Zend-cache
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Doctrine-project Object Relational Mapper 2.5.0
Doctrine-project Object Relational Mapper
Doctrine-project Doctrinemongodbbundle 3.0.0
Zend Zend Framework
Doctrine-project Common
Doctrine-project Common 2.5.0
Doctrine-project Annotations
Doctrine-project Mongodb-odm
Doctrine-project Cache 1.4.0
Doctrine-project Cache 1.4.1
Doctrine-project Cache
Zend Zf-apigility-doctrine
1 Github repository
7.5
CVSSv2
CVE-2021-43608
Doctrine DBAL 3.x prior to 3.1.4 allows SQL Injection. The escaping of offset and length inputs to the generation of a LIMIT clause was not probably cast to an integer, allowing SQL injection to take place if application developers passed unescaped user input to the DBAL QueryBui...
Doctrine-project Database Abstraction Layer
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started