VYPR
← All advisories
Unrated severityNVD Advisory· Published May 3, 2011· Updated Apr 29, 2026

CVE-2011-1522

CVE-2011-1522

Description

Multiple SQL injection vulnerabilities in the Doctrine\DBAL\Platforms\AbstractPlatform::modifyLimitQuery function in Doctrine 1.x before 1.2.4 and 2.x before 2.0.3 allow remote attackers to execute arbitrary SQL commands via the (1) limit or (2) offset field.

Affected products

17
  • Doctrine Project/Doctrine1.2.0
    cpe:2.3:a:doctrine-project:doctrine1.2.0:*:*:*:*:*:*:*:*
  • Doctrine Project/Doctrine1.2.1
    cpe:2.3:a:doctrine-project:doctrine1.2.1:*:*:*:*:*:*:*:*
  • Doctrine Project/Doctrine1.2.2
    cpe:2.3:a:doctrine-project:doctrine1.2.2:*:*:*:*:*:*:*:*
  • Doctrine Project/Doctrine1.2.3
    cpe:2.3:a:doctrine-project:doctrine1.2.3:*:*:*:*:*:*:*:*
  • Doctrine Project/Doctrine13 versions
    cpe:2.3:a:doctrine-project:doctrine:2.0.0:*:*:*:*:*:*:*+ 12 more
    • cpe:2.3:a:doctrine-project:doctrine:2.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:doctrine-project:doctrine:2.0.0:alpha1:*:*:*:*:*:*
    • cpe:2.3:a:doctrine-project:doctrine:2.0.0:alpha2:*:*:*:*:*:*
    • cpe:2.3:a:doctrine-project:doctrine:2.0.0:alpha3:*:*:*:*:*:*
    • cpe:2.3:a:doctrine-project:doctrine:2.0.0:alpha4:*:*:*:*:*:*
    • cpe:2.3:a:doctrine-project:doctrine:2.0.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:doctrine-project:doctrine:2.0.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:doctrine-project:doctrine:2.0.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:doctrine-project:doctrine:2.0.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:doctrine-project:doctrine:2.0.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:doctrine-project:doctrine:2.0.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:doctrine-project:doctrine:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:doctrine-project:doctrine:2.0.2:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

7

News mentions

0

No linked articles in our index yet.