Arbitrary Command Execution in Domain Technologie Control (DTC) before 0.34.1

Arbitrary Command Execution in Domain Technologie Control (DTC) before 0.34.1

CVE-2011-3195 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

shared/inc/sql/lists.php in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in mailing list tunable options.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.