2 matches found
CVE-2006-6450
Multiple SQL injection vulnerabilities in dagent/downloadreport.asp in Novell ZENworks Patch Management ZPM before 6.3.2.700 allow remote attackers to execute arbitrary SQL commands via the 1 agentid and 2 pass parameters...
CVE-2006-6450
Concrete details found: PatchLink Update Server (basis for Novell ZENworks Patch Management) is affected by CVE-2006-6450. The vulnerability lies in dagent/downloadreport.asp where unsanitized input for the parameters agentid and pass is used to construct SQL queries. This allows an unauthenticat...