{"id":"CVE-2016-10007","details":"SQL injection vulnerability in the \"Marketing \u003e Forms\" screen in dotCMS before 3.7.2 and 4.x before 4.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the _EXT_FORM_HANDLER_orderBy parameter.","modified":"2026-04-11T03:36:51.515689Z","published":"2018-02-19T21:29:00.207Z","references":[{"type":"EVIDENCE","url":"https://security.elarlang.eu/cve-2016-10007-and-cve-2016-10008-2-sql-injection-vulnerabilities-in-dotcms-blacklist-defence-bypass.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/dotcms/core","events":[{"introduced":"0"},{"fixed":"80ee268510783cef77379f5a6edf521360f62e41"},{"introduced":"a250b2170a726c73286f90645d01df5b4bfc8347"},{"fixed":"67371d2759506de60b7fdc312cdf6ec1d780699d"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"3.7.2"},{"introduced":"4.0.0"},{"fixed":"4.1.1"}]}}],"versions":["3.0","3.5","3.5_Preview01","3.5_Preview02","3.6.0","3.6.1","3.7.1","4.1.0","pre3.5buildrevert"],"database_specific":{"vanir_signatures_modified":"2026-04-11T03:36:51Z","vanir_signatures":[{"id":"CVE-2016-10007-41e9b27f","digest":{"function_hash":"241290185298621007891554281505603001687","length":1428},"signature_version":"v1","target":{"function":"copyFile","file":"src/com/liferay/util/FileUtil.java"},"deprecated":false,"source":"https://github.com/dotcms/core/commit/80ee268510783cef77379f5a6edf521360f62e41","signature_type":"Function"},{"id":"CVE-2016-10007-e08342d2","digest":{"line_hashes":["265946632852977932884128303523723670357","13482300393090543924373351283402629937","220443842849963031689705473488796405003","203171384533745067307694449108004937646","244292544630254535834032209736813068084","260461937911369816127414969336548146849","133983341553324629258352119917993962604","299375530979815561759792828130811945616","229110762949656756505728177505570272711","124567665829881372031395064227602406218","171963961573273996838622609950302628711","340061050881395914732568479998546868364","177567182682626147400453667193036476928","296725623971164824783348025728011110511","295777887788058699715451959152427729266","84541143191960029505396679507957125368","254509219103326428455973536178702520039","61032253393225981299728110177731355402","143469709883192342097233796258580431211","167194415994947220182316305709581354125"],"threshold":0.9},"signature_version":"v1","target":{"file":"src/com/liferay/util/FileUtil.java"},"deprecated":false,"source":"https://github.com/dotcms/core/commit/80ee268510783cef77379f5a6edf521360f62e41","signature_type":"Line"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-10007.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}]}