2 matches found
Dell ScriptLogic Asset Manager SQL Injection remote code execution (CVE-2015-1605)
A remote code execution vulnerability has been reported in Dell ScriptLogic Asset Manager. The vulnerability is due to insufficient input validation while processing requests to GetProcessedPackage.aspx or GetClientPackage.aspx, this enables attacker to inject SQL code. A remote attacker can...
CVE-2015-1605
Dell ScriptLogic Asset Manager (Quest Workspace Asset Manager) vulnerable before 9.5 due to multiple SQL injection flaws in GetClientPackage.aspx and GetProcessedPackage.aspx. Root cause: insufficient input validation allowing remote SQL injection, enabling remote code execution under the NETWORK...