2 matches found
CVE-2017-17425
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUSourceDeviceSet Get method requests. The issue...
Quest NetVault Backup SQL Injection Vulnerability (CNVD-2017-37636)
Quest NetVault Backup is a suite of data backup software from Quest Software, USA. A SQL injection vulnerability in the handling of NVBUSourceDeviceSet Get method requests in Quest NetVault Backup versions prior to 11.4.5 stems from the program's failure to properly detect user-submitted strings...