Description
SQL injection vulnerability in the categoriesServlet servlet in dotCMS before 3.3.1 allows remote not authenticated attackers to execute arbitrary SQL commands via the sort parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Mobile Pack Information Disclosure (2.1.2)
Oracle JRE CVE-2014-0458 Vulnerability (CVE-2014-0458)
Drupal Core 9.2.x Security Bypass (9.2.0 - 9.2.19)
WordPress Plugin Google Doc Embedder Cross-Site Scripting (2.5.18)
WordPress Plugin GiveWP-Donation and Fundraising Platform Cross-Site Scripting (2.3.0)