CVE-2012-4951

2012-11-15T06:58:40
ID CVE-2012-4951
Type cve
Reporter NVD
Modified 2017-08-28T21:32:26

Description

Multiple SQL injection vulnerabilities in terminal/paramedit.aspx in VeriFone VeriCentre Web Console before 2.2 build 36 allow remote attackers to execute arbitrary SQL commands via the (1) TerminalId, (2) ModelName, or (3) ApplicationName parameter.