Unrated severityNVD Advisory· Published May 3, 2011· Updated Jun 16, 2026
CVE-2011-1522
CVE-2011-1522
Description
Multiple SQL injection vulnerabilities in the Doctrine\DBAL\Platforms\AbstractPlatform::modifyLimitQuery function in Doctrine 1.x before 1.2.4 and 2.x before 2.0.3 allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset field.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
18cpe:2.3:a:doctrine-project:doctrine1.2.0:*:*:*:*:*:*:*:*+ 17 more
- cpe:2.3:a:doctrine-project:doctrine1.2.0:*:*:*:*:*:*:*:*
- cpe:2.3:a:doctrine-project:doctrine1.2.1:*:*:*:*:*:*:*:*
- cpe:2.3:a:doctrine-project:doctrine1.2.2:*:*:*:*:*:*:*:*
- cpe:2.3:a:doctrine-project:doctrine1.2.3:*:*:*:*:*:*:*:*
- cpe:2.3:a:doctrine-project:doctrine:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:doctrine-project:doctrine:2.0.0:alpha1:*:*:*:*:*:*
- cpe:2.3:a:doctrine-project:doctrine:2.0.0:alpha2:*:*:*:*:*:*
- cpe:2.3:a:doctrine-project:doctrine:2.0.0:alpha3:*:*:*:*:*:*
- cpe:2.3:a:doctrine-project:doctrine:2.0.0:alpha4:*:*:*:*:*:*
- cpe:2.3:a:doctrine-project:doctrine:2.0.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:doctrine-project:doctrine:2.0.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:doctrine-project:doctrine:2.0.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:doctrine-project:doctrine:2.0.0:beta4:*:*:*:*:*:*
- cpe:2.3:a:doctrine-project:doctrine:2.0.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:doctrine-project:doctrine:2.0.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:doctrine-project:doctrine:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:doctrine-project:doctrine:2.0.2:*:*:*:*:*:*:*
- (no CPE)range: 1.x < 1.2.4, 2.x < 2.0.3
Patches
Vulnerability mechanics
References
7- www.doctrine-project.org/blog/doctrine-security-fixnvdPatchVendor Advisory
- bugzilla.redhat.com/show_bug.cginvdPatch
- bugs.debian.org/cgi-bin/bugreport.cginvd
- openwall.com/lists/oss-security/2011/03/25/2nvd
- openwall.com/lists/oss-security/2011/03/28/3nvd
- www.debian.org/security/2011/dsa-2223nvd
- www.securityfocus.com/bid/47034nvd
News mentions
0No linked articles in our index yet.