Description
SQL injection vulnerability in the Workflow Screen in dotCMS before 3.3.2 allows remote administrators to execute arbitrary SQL commands via the orderby parameter.
Remediation
References