CVE-2011-0467— SQL injection in SUSE studio via select parameter
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2011-0467
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SQL injection in SUSE studio via select parameter
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in the listing of available software of SUSE Studio Onsite, SUSE Studio Onsite 1.1 Appliance allows authenticated users to execute arbitrary SQL statements via SQL injection. Affected releases are SUSE Studio Onsite: versions prior to 1.0.3-0.18.1, SUSE Studio Onsite 1.1 Appliance: versions prior to 1.1.2-0.25.1.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Novell SUSE Studio Onsite和SUSE Studio Onsite Appliance 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Novell SUSE Studio Onsite和SUSE Studio Onsite Appliance都是美国Novell公司的用于在Web浏览器中构建和测试软件应用程序的Web应用程序。 Novell SUSE Studio Onsite 1.0.3-0.18.1之前版本和SUSE Studio Onsite Appliance 1.1.2-0.25.1之前版本中可用软件的列表存在SQL注入漏洞。远程攻击者可利用该漏洞执行任意的SQL语句。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| SUSE | SUSE Studio Onsite | unspecified ~ 1.0.3-0.18.1 | - | |
| SUSE | SUSE Studio Onsite 1.1 Appliance | unspecified ~ 1.1.2-0.25.1 | - |
II. Public POCs for CVE-2011-0467
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2011-0467
Please Login to view more intelligence information
- https://www.suse.com/security/cve/CVE-2011-0467/x_refsource_CONFIRM
- https://bugzilla.suse.com/show_bug.cgi?id=675039x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2011-0467
IV. Related Vulnerabilities
Same vendor: SUSE
- CVE-2026-25702
nftables disabled due to incorrect kernel backport - CVE-2025-62879
Rancher Backup Operator pod's logs leak S3 tokens - CVE-2025-62878
Local Path Provisioner vulnerable to Path Traversal via para - CVE-2025-67601
Rancher CLI skips TLS verification on Rancher CLI login comm - CVE-2025-67860
NeuVector scanner insecurely handles passwords as command ar
Same weakness: CWE-89
- CVE-2026-8207
Gibbon <v30.0.01 认证SQL注入漏洞 - CVE-2026-42287
Emlog: SQL Injection Vulnerability in log_model.php within a - CVE-2026-41889
pgx: SQL Injection via placeholder confusion with dollar quo - CVE-2026-41496
PraisonAI: SQL Injection via unvalidated `table_prefix` in 9 - CVE-2026-42208
LiteLLM: SQL injection in Proxy API key verification
V. Comments for CVE-2011-0467
No comments yet