CVE-2022-34324

Multiple SQL injections in Sage XRT Business Exchange 12.4.302 allow an authenticated attacker to inject malicious data in SQL queries: Add Currencies, Payment Order, and Transfer History...

Sage XRT Business Exchange SQL注入漏洞

Sage XRT Business Exchange is part of the Sage suite of applications from Sage UK. A SQL injection vulnerability exists in Sage XRT Business Exchange version 12.4.302, which originates from a vulnerability that allows an authenticated attacker to inject malicious data into SQL queries: add...

CVE-2022-34324

Multiple SQL injections in Sage XRT Business Exchange 12.4.302 allow an authenticated attacker to inject malicious data in SQL queries: Add Currencies, Payment Order, and Transfer History...

PT-2023-13359 · Sage · Sage Xrt Business Exchange

Name of the Vulnerable Software and Affected Versions: Sage XRT Business Exchange version 12.4.302 Description: The issue allows an authenticated attacker to inject malicious data in SQL queries, specifically in the following areas: Add Currencies, Payment Order, and Transfer History...

The vulnerability of the NVBUTransferHistory Get request handler in the NetVault Backup software allows a attacker to execute arbitrary code.

The vulnerability of the NVBUTransferHistory Get request handler in the NetVault Backup software for data archiving and restoration is related to insufficient protection of the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVE-2017-17419

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUTransferHistory Get method requests. The issue...