Lucene search
K

6 matches found

ATTACKERKB
ATTACKERKB
added 2018/02/08 6:29 p.m.2 views

CVE-2017-17422

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackup Get method requests. The issue results from...

9.8CVSS6.6AI score0.03933EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2018/02/08 6:0 p.m.56 views

CVE-2017-17655

The CVE concerns Quest NetVault Backup (11.3.0.12). The vulnerability is a SQL injection in the NVBUBackup PluginList request handling, caused by improper validation of a user-supplied string used to construct SQL queries. This enables remote code execution in the context of the underlying databa...

9.8CVSS9.7AI score0.03933EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2017/12/20 12:0 a.m.5 views

Quest NetVault Backup 'NVBUBackup TimeRange' Method SQL Injection Vulnerability

Quest NetVault Backup is a suite of data backup software from Quest Software, USA. A SQL injection vulnerability in the handling of NVBUBackup TimeRange method requests in Quest NetVault Backup versions prior to 11.4.5 stems from the program's failure to properly detect user-submitted strings pri...

9.8CVSS8.5AI score0.03933EPSS
Exploits0References1
CNVD
CNVD
added 2017/12/20 12:0 a.m.6 views

Quest NetVault Backup SQL Injection Vulnerability (CNVD-2017-37635)

Quest NetVault Backup is a suite of data backup software from Quest Software, USA. A SQL injection vulnerability exists in the handling of NVBUBackup Count method requests in Quest NetVault Backup versions prior to 11.4.5, which stems from the program failing to properly detect user-submitted...

9.8CVSS8.5AI score0.03933EPSS
Exploits0References1
CNVD
CNVD
added 2017/12/20 12:0 a.m.3 views

Quest NetVault Backup SQL Injection Vulnerability (CNVD-2017-37633)

Quest NetVault Backup is a suite of data backup software from Quest Software, USA. A SQL injection vulnerability in the handling of NVBUBackup PluginList method requests in Quest NetVault Backup versions prior to 11.4.5 stems from the program's failure to properly detect user-submitted strings...

9.8CVSS8.6AI score0.03933EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/12/15 12:0 a.m.269 views

Quest NetVault Backup Server Process Manager Service NVBUBackup TimeRange Method SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackup TimeRange method requests. The issue results from the...

7.5CVSS1.2AI score0.03933EPSS
Exploits0
Rows per page
Query Builder