CVE-2012-4951

2012-11-15T11:58:00
ID CVE-2012-4951
Type cve
Reporter cve@mitre.org
Modified 2017-08-29T01:32:00

Description

Multiple SQL injection vulnerabilities in terminal/paramedit.aspx in VeriFone VeriCentre Web Console before 2.2 build 36 allow remote attackers to execute arbitrary SQL commands via the (1) TerminalId, (2) ModelName, or (3) ApplicationName parameter.