CVE-2012-5701

Name of the Vulnerable Software and Affected Versions dotProject versions prior to 2.1.7

Description The issue allows remote authenticated administrators to execute arbitrary SQL commands. This can be achieved via several parameters in different actions to "index.php", including the search string or where parameter in a contacts action, the dept id parameter in a departments action, the project id[] parameter in a project action, or the company id parameter in a system action. Additionally, this issue can be leveraged using CSRF to allow remote attackers to execute arbitrary SQL commands.

Recommendations For dotProject versions prior to 2.1.7, update to version 2.1.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the parameters search string, where, dept id, project id[], and company id in their respective actions to minimize the risk of exploitation.