VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Mar 21, 2014· Updated May 6, 2026

CVE-2011-5273

CVE-2011-5273

Description

Directory traversal vulnerability in shared/package-installer in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary PHP code via a .. (dot dot) in the pkg parameter in a do_install action to dtc/.

Affected products

35
  • Gplhost/Domain Technologie Control35 versions
    cpe:2.3:a:gplhost:domain_technologie_control:*:*:*:*:*:*:*:*+ 34 more
    • cpe:2.3:a:gplhost:domain_technologie_control:*:*:*:*:*:*:*:*range: <=0.32.11
    • cpe:2.3:a:gplhost:domain_technologie_control:0.24.6:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.25.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.25.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.25.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.26.7:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.26.8:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.26.9:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.27.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.28.10:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.28.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.28.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.28.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.28.6:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.28.9:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.29.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.29.10:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.29.14:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.29.15:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.29.16:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.29.17:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.29.6:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.29.8:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.30.10:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.30.18:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.30.20:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.30.6:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.30.8:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.32.1:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.32.2:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.32.3:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.32.4:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.32.5:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.32.6:*:*:*:*:*:*:*
    • cpe:2.3:a:gplhost:domain_technologie_control:0.32.7:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.