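A SQL injection vulnerability in the Workflow Screen of dotCMS before 3.3.2 allows remote users with administrator privileges to execute arbitrary SQL commands via the orderby parameter. The signature records below all cite the same dotcms/core commit as their source and target WorkflowSearcher.java (including its getOrderBy function), EmailFactory.java and SubmitWebFormAction.java.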
[
{
"source": "https://github.com/dotcms/core/commit/bc4db5d71dc67015572f8e4c6fdf87e29b854d02",
"id": "CVE-2016-4040-26d5e3a3",
"digest": {
"function_hash": "146553412463661694529665155956298200977",
"length": 902.0
},
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "WorkflowSearcher",
"file": "src/com/dotmarketing/portlets/workflows/model/WorkflowSearcher.java"
},
"signature_type": "Function"
},
{
"source": "https://github.com/dotcms/core/commit/bc4db5d71dc67015572f8e4c6fdf87e29b854d02",
"id": "CVE-2016-4040-5f779027",
"digest": {
"threshold": 0.9,
"line_hashes": [
"168548086562533713783805126038546190139",
"45393739089889810706477200054240485474",
"49667685965912731254771251782507568244"
]
},
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "src/com/dotmarketing/factories/EmailFactory.java"
},
"signature_type": "Line"
},
{
"source": "https://github.com/dotcms/core/commit/bc4db5d71dc67015572f8e4c6fdf87e29b854d02",
"id": "CVE-2016-4040-72fc4a84",
"digest": {
"threshold": 0.9,
"line_hashes": [
"183110635773772962403820442937360175254",
"109398318881901452971784643168045281612",
"88540287413814294498137852660443171517",
"155034379425858125024455644027391605368",
"135506950140576638110624424402855858996",
"133160561274209008444879932633734323434",
"120496209273316070342038657811520055497",
"85443978690946867411732431428255038325",
"19992149743797101135100577514139435588",
"127958600653692894327406137188774956745",
"95985371943781611890276119361519373811",
"148862143083758759146610132129283791538",
"191798460094123393394033478898197378544",
"158202531139467800518846169706354333925",
"166747397672484010138772718834442634359",
"109841636642039664459818389343207290787"
]
},
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "src/com/dotmarketing/portlets/workflows/model/WorkflowSearcher.java"
},
"signature_type": "Line"
},
{
"source": "https://github.com/dotcms/core/commit/bc4db5d71dc67015572f8e4c6fdf87e29b854d02",
"id": "CVE-2016-4040-c563e73a",
"digest": {
"function_hash": "176800501469594472534976216634135012135",
"length": 39.0
},
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "getOrderBy",
"file": "src/com/dotmarketing/portlets/workflows/model/WorkflowSearcher.java"
},
"signature_type": "Function"
},
{
"source": "https://github.com/dotcms/core/commit/bc4db5d71dc67015572f8e4c6fdf87e29b854d02",
"id": "CVE-2016-4040-dd723b7e",
"digest": {
"function_hash": "293721798236642630076371622678211121054",
"length": 7446.0
},
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "sendParameterizedEmail",
"file": "src/com/dotmarketing/factories/EmailFactory.java"
},
"signature_type": "Function"
},
{
"source": "https://github.com/dotcms/core/commit/bc4db5d71dc67015572f8e4c6fdf87e29b854d02",
"id": "CVE-2016-4040-ec7dd845",
"digest": {
"threshold": 0.9,
"line_hashes": [
"120760799192413248715899379604117319749",
"243884907574043380725466628929912262363",
"264411183942065243064873136232911912113",
"141689773236307926928748816832140005811"
]
},
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "src/com/dotmarketing/cms/webforms/action/SubmitWebFormAction.java"
},
"signature_type": "Line"
},
{
"source": "https://github.com/dotcms/core/commit/bc4db5d71dc67015572f8e4c6fdf87e29b854d02",
"id": "CVE-2016-4040-f24a06d3",
"digest": {
"function_hash": "186321998741370624673172654221131130721",
"length": 5698.0
},
"signature_version": "v1",
"deprecated": false,
"target": {
"function": "unspecified",
"file": "src/com/dotmarketing/cms/webforms/action/SubmitWebFormAction.java"
},
"signature_type": "Function"
}
]