Gplhost Domain Technologie Control — known CVE vulnerabilities
Every CVE whose affected-product data names Gplhost Domain Technologie Control, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (15)
CVE-2011-5274 — CVSS 7.5 (high): The drawAdminTools_PackageInstaller function in shared/inc/forms/packager.php in Domain Technologie Control (DTC) before 0.32.11 allows…
CVE-2011-0434 — CVSS 7.5 (high): Multiple SQL injection vulnerabilities in Domain Technologie Control (DTC) before 0.32.9 allow remote attackers to execute arbitrary SQL…
CVE-2009-0402 — CVSS 7.5 (high): SQL injection vulnerability in client/new_account.php in Domain Technologie Control (DTC) before 0.29.16 allows remote attackers to execute…
CVE-2011-5275 — CVSS 7.5 (high): The install script in Domain Technologie Control (DTC) before 0.34.1 gives sudo permissions for chrootuid to the dtc user, which makes it…
CVE-2011-5276 — CVSS 6.5 (medium): SQL injection vulnerability in the drawAdminTools_PackageInstaller function in shared/inc/forms/packager.php in Domain Technologie Control…
CVE-2011-3195 — CVSS 6.5 (medium): shared/inc/sql/lists.php in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary commands…
CVE-2011-3197 — CVSS 6.5 (medium): SQL injection vulnerability in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary SQL…
CVE-2011-5272 — CVSS 6.5 (medium): SQL injection vulnerability in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary SQL…
CVE-2011-5273 — CVSS 6.5 (medium): Directory traversal vulnerability in shared/package-installer in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated…
CVE-2011-0436 — CVSS 5.0 (medium): The register_user function in client/new_account_form.php in Domain Technologie Control (DTC) before 0.32.9 includes a cleartext password…
CVE-2011-0435 — CVSS 5.0 (medium): Domain Technologie Control (DTC) before 0.32.9 does not require authentication for (1) admin/bw_per_month.php and (2)…
CVE-2011-0437 — CVSS 4.0 (medium): shared/inc/sql/ssh.php in the SSH accounts management implementation in Domain Technologie Control (DTC) before 0.32.9 allows remote…
CVE-2011-3199 — CVSS 3.5 (low): Multiple cross-site scripting (XSS) vulnerabilities in Domain Technologie Control (DTC) before 0.34.1 allow remote authenticated users to…
CVE-2011-3196 — CVSS 2.1 (low): The setup script in Domain Technologie Control (DTC) before 0.34.1 uses world-readable permissions for /etc/apache2/apache2.conf, which…
CVE-2011-3198 — CVSS 2.1 (low): Domain Technologie Control (DTC) before 0.34.1 includes a password in the -b command line argument to htpasswd, which might allow local…