Novell : Security Vulnerabilities, CVEs, Published In 2006 (Sql injection)
Multiple SQL injection vulnerabilities in dagent/downloadreport.asp in Novell ZENworks Patch Management (ZPM) before 6.3.2.700 allow remote attackers to execute arbitrary SQL commands via the (1) agentid and (2) pass parameters.
Max CVSS
7.5
EPSS Score
0.76%
Published
2006-12-10
Updated
2017-07-29
SQL injection vulnerability in checkprofile.asp in (1) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1 and (2) Novell ZENworks 6.2 SR1 and earlier, allows remote attackers to execute arbitrary SQL commands via the agentid parameter.
Max CVSS
7.5
EPSS Score
1.45%
Published
2006-07-07
Updated
2018-10-18
2 vulnerabilities found