176 matches found
EUVD-2026-39147
Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest NetVault Backup. Although authentication is required to exploit this vulnerability, the existing...
EUVD-2026-39148
Quest NetVault Backup NVBULogDaemon Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest NetVault Backup. Although authentication is required to exploit this vulnerability, the existing...
EUVD-2026-39146
Quest NetVault Backup NVBULibrarySlot SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest NetVault Backup. Although authentication is required to exploit this vulnerability, the existing...
EUVD-2026-39145
Quest NetVault Backup NVBULibraryPort SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest NetVault Backup. Although authentication is required to exploit this vulnerability, the existing...
EUVD-2026-39141
Quest NetVault Backup NVBURASDevice SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest NetVault Backup. Although authentication is required to exploit this vulnerability, the existing...
EUVD-2026-39149
Quest NetVault Backup viewclient Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Quest NetVault Backup. User interaction is required to exploit this vulnerability in that the target must vis...
CVE-2026-7569
CVE-2026-7569 affects Quest NetVault Backup viewclient. The flaw is a Cross‑Site Scripting vulnerability in the viewclient webpage due to inadequate input validation, which can be combined with other issues to execute arbitrary code in the context of SYSTEM. Successful exploitation requires user ...
CVE-2026-9787
CVE-2026-9787 affects Quest NetVault Backup, specifically the NVBULogDaemon component that processes JSON-RPC messages. The vulnerability stems from insufficient validation of user-supplied strings before they are used in system calls, enabling a remote attacker to execute code with SYSTEM privil...
CVE-2026-9786
CVE-2026-9786 affects Quest NetVault Backup NVBUDashboard. The flaw is a SQL injection in the NVBUDashboard JSON-RPC message processing that fails to validate a user-supplied string used to build SQL queries, allowing code execution in the context of NETWORK SERVICE. Authentication is required to...
CVE-2026-9785
Affected product: Quest NetVault Backup NVBULibrarySlot.Root cause: Missing validation of a user-supplied string used to build SQL queries in NVBULibrarySlot JSON-RPC processing, enabling SQL injection.Impact: Remote code execution in the context of NETWORK SERVICE. Authentication is required but...
CVE-2026-9784
CVE-2026-9784 affects Quest NetVault Backup, specifically the NVBULibraryPort JSON-RPC handling. The vulnerability arises from insufficient validation of a user-supplied string used to construct SQL queries, enabling SQL injection that can lead to remote code execution in the NETWORK SERVICE cont...
CVE-2026-9783
CVE-2026-9783 affects Quest NetVault Backup, specifically the NVBURemovableMedia JSON-RPC handling. The flaw is due to insufficient validation of a user-supplied string used to construct SQL queries, enabling SQL injection that can execute code in the context of NETWORK SERVICE. Authentication is...
CVE-2026-9781
CVE-2026-9781 affects Quest NetVault Backup NVBURASDevice component. The issue is an SQL Injection in the NVBURASDevice JSON-RPC message processing due to improper validation of user-supplied input used to build SQL queries. Exploitation could allow remote code execution with the context of NETWO...
CVE-2026-9780
CVE-2026-9780 affects Quest NetVault Backup, specifically the addclient3 webpage. The flaw arises from insufficient validation of user-supplied data, enabling cross-site scripting that can be leveraged to bypass authentication and execute code in the context of SYSTEM. Exploitation requires user ...
CVE-2026-7570
Quest NetVault Backup NVBUDashboard is affected by an SQL Injection leading to Remote Code Execution. The flaw occurs in NVBUDashboard JSON-RPC message handling due to improper validation of a user-supplied string used to construct SQL queries, allowing code execution in the NETWORK SERVICE conte...
Quest NetVault Backup NVBUJobCountHistory SQL Injection (CVE-2017-17420)
An SQL injection vulnerability exists in the Server Process Manager Service of Quest NetVault Backup. The vulnerability is due to improper validation of user-supplied input on JSON-RPC requests invoking the Get method of the NVBUJobCountHistory class. A remote unauthenticated attacker could explo...
Quest Netvault Backup Denial of Service (CVE-2018-1162)
A denial of service vulnerability exists in Quest Netvault Backup. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Quest Netvault Remote Code Execution (CVE-2018-1161)
A remote code execution vulnerability exists in quest netvault backup. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Quest NetVault Backup Server 11.4.5 - Process Manager Service SQL Injection Remote Code Execution
Quest NetVault Backup Server 11.4.5 - Process Manager Service SQL Injection Remote Code Execution Exploit Title: Quest NetVault Backup Server 11.4.5 Process Manager Service SQL Injection Remote Code Execution Vulnerability ZDI-17-982 Date: 2-21-2019 Exploit Author: credit goes to rgod for finding...
Quest NetVault Backup Server Code Execution / SQL Injection
Exploit Title: Quest NetVault Backup Server 11.4.5 Process Manager Service SQL Injection Remote Code Execution Vulnerability ZDI-17-982 Date: 2-21-2019 Exploit Author: credit goes to rgod for finding the bug Version: Quest NetVault Backup Server 11.4.5 CVE : CVE-2017-17417 There is a decent...