Loading
Multiple SQL injection vulnerabilities in MapServer before 4.10.7, 5.x before 5.6.7, and 6.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via vectors related to (1) OGC filter encoding or (2) WMS time support.
Use CWE-89, Osgeo vendor hub and Mapserver product page to widen CVE-2011-2703 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2010-2540, CVE-2017-5522 and CVE-2025-59431 for nearby disclosures in the same product family.