Quest NetVault Backup NVBUJobCountHistory SQL Injection (CVE-2017-17420)

An SQL injection vulnerability exists in the Server Process Manager Service of Quest NetVault Backup. The vulnerability is due to improper validation of user-supplied input on JSON-RPC requests invoking the Get method of the NVBUJobCountHistory class. A remote unauthenticated attacker could explo...

The vulnerability of the NVBUJobCountHistory Get request handler in the NetVault Backup software allows a attacker to execute arbitrary code.

The vulnerability of the NVBUJobCountHistory Get request handler in the NetVault Backup software for data archiving and restoration is related to insufficient protection of the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

Quest NetVault Backup SQL Injection Vulnerability (CNVD-2017-37641)

Quest NetVault Backup is a suite of data backup software from Quest Software, USA. A SQL injection vulnerability in the handling of NVBUJobCountHistory Get method requests in Quest NetVault Backup versions prior to 11.4.5 stems from the program's failure to properly inspect user-submitted strings...

Quest NetVault Backup Server Process Manager Service NVBUJobCountHistory Get Method SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUJobCountHistory Get method requests. The issue results from...