13 matches found
CVE-2019-12918
Quest KACE Systems Management Appliance Server Center version 9.1.317 is vulnerable to SQL injection. The affected file is softwarelibrary.php and affected parameters are order0column and order0dir...
EUVD-2019-4496
Malware in sbrugna...
Quest Software KACE Systems Management Appliance Server Center Cross-Site Scripting Vulnerability (CNVD-2020-20168)
Quest Software KACE Systems Management Appliance SMA is a systems management appliance from Quest Software, USA. It supports IT asset management, server management and monitoring, software license management, patch management, etc. Server Center is one of the help desk programs. A cross-site...
Quest Software KACE Systems Management Appliance Server Center Cross-Site Scripting Vulnerability (CNVD-2020-20167)
Quest Software KACE Systems Management Appliance SMA is a systems management appliance from Quest Software, USA. It supports IT asset management, server management and monitoring, software license management, patch management, etc. Server Center is one of the help desk programs. A cross-site...
Quest Software KACE Systems Management Appliance Server Center Cross-Site Scripting Vulnerability
Quest Software KACE Systems Management Appliance SMA is a systems management appliance from Quest Software, USA. It supports IT asset management, server management and monitoring, software license management, patch management, etc. Server Center is one of the help desk programs. A cross-site...
Quest Software KACE Systems Management Appliance Server Center SQL Injection Vulnerability
Quest Software KACE Systems Management Appliance SMA is a systems management appliance from Quest Software, USA. It supports IT asset management, server management and monitoring, software license management, patch management, etc. Server Center is one of the help desk programs. A SQL injection...
CVE-2019-13080
Quest KACE Systems Management Appliance Server Center 9.1.317 has an XSS vulnerability via an SVG image and HTML file that allows an authenticated user to execute arbitrary JavaScript in an administrator's browser...
CVE-2019-13077
Quest KACE Systems Management Appliance Server Center 9.1.317 has an XSS vulnerability via the samdetailtitled.php SAMTYPE parameter that allows an attacker to create a malicious link in order to attack authenticated users...
CVE-2019-12917
A reflected XSS vulnerability exists in Quest KACE Systems Management Appliance Server Center 9.1.317 affecting the userui/softwarelibrary.php component via the PATHINFO...
Sql injection
Quest KACE Systems Management Appliance Server Center 9.1.317 is vulnerable to SQL injection. An authenticated user has the ability to execute arbitrary commands against the database. The affected component is /adminui/historylog.php. The affected parameter is TYPENAME...
CVE-2019-13076
Quest KACE Systems Management Appliance Server Center 9.1.317 is vulnerable to SQL injection. An authenticated user has the ability to execute arbitrary commands against the database. The affected component is /userui/ticketlist.php, and affected parameters are order0column and order0dir...
CVE-2019-13080
Quest KACE Systems Management Appliance Server Center 9.1.317 has an XSS vulnerability via an SVG image and HTML file that allows an authenticated user to execute arbitrary JavaScript in an administrator's browser...
CVE-2019-13080
The CVE-2019-13080 vulnerability affects Quest KACE Systems Management Appliance Server Center 9.1.317. A cross-site scripting (XSS) flaw exists in the web interface that can be triggered via an SVG image and an HTML file, allowing an authenticated administrator to have arbitrary JavaScript execu...