Lucene search
K

543 matches found

Cvelist
Cvelist
added 2006/12/10 9:0 p.m.27 views

CVE-2006-6450

Multiple SQL injection vulnerabilities in dagent/downloadreport.asp in Novell ZENworks Patch Management ZPM before 6.3.2.700 allow remote attackers to execute arbitrary SQL commands via the 1 agentid and 2 pass parameters...

8.5AI score0.17607EPSS
Exploits0References5
CVE
CVE
added 2006/12/10 9:0 p.m.51 views

CVE-2006-6450

Concrete details found: PatchLink Update Server (basis for Novell ZENworks Patch Management) is affected by CVE-2006-6450. The vulnerability lies in dagent/downloadreport.asp where unsanitized input for the parameters agentid and pass is used to construct SQL queries. This allows an unauthenticat...

7.5CVSS8.5AI score0.17607EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2006/11/06 12:0 a.m.14 views

Solaris 8 (x86) : 109737-13

SunScreen 3.1 LITE Intel miscellaneous fixes Solarisx86. Date this patch was last updated by Sun : Sep/02/04 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...

7AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2006/07/28 12:0 a.m.35 views

PatchLink Update Server nwupload.asp Traversal Arbitrary File Write

The remote host is running PatchLink Update Server, a patch and vulnerability management solution. The version of PatchLink Update Server installed on the remote fails to sanitize input to the '/dagent/nwupload.asp' script of directory traversal sequences and does not require authentication befor...

5CVSS5.7AI score0.02626EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2006/07/28 12:0 a.m.83 views

PatchLink Update Server checkprofile.asp checkid Parameter SQL Injection

The remote host is running PatchLink Update Server, a patch and vulnerability management solution. The version of PatchLink Update Server installed on the remote host fails to sanitize user-supplied input to the 'agentid' parameter of the '/dagent/checkprofile.php' script before using it to...

7.5CVSS5.7AI score0.01784EPSS
Exploits0References3
securityvulns
securityvulns
added 2006/02/18 12:0 a.m.49 views

Multiple PatchLink Update Server patch management solution vulnerabilities

No description provided...

1.7AI score
Exploits0References1Affected Software1
NVD
NVD
added 2005/10/30 8:2 p.m.17 views

CVE-2005-3315

Multiple SQL injection vulnerabilities in Novell ZENworks Patch Management 6.x before 6.2.2.181 allow remote attackers to execute arbitrary SQL commands via the 1 Direction parameter to computers/default.asp, and the 2 SearchText, 3 StatusFilter, and 4 computerFilter parameters to...

7.5CVSS8.5AI score0.05402EPSS
Exploits1References11
CVE
CVE
added 2005/10/30 8:0 p.m.45 views

CVE-2005-3315

CVE-2005-3315 affects Novell ZENworks Patch Management 6.x up to 6.2.2.181. The issue is multiple SQL injection vulnerabilities triggered by requests to reports/default.asp and computers/default.asp, enabling execution of arbitrary SQL commands. The Checkpoint Advisory (CPA I) description states ...

7.5CVSS8.5AI score0.05402EPSS
Exploits1References11Affected Software1
Cvelist
Cvelist
added 2005/10/30 8:0 p.m.21 views

CVE-2005-3315

Multiple SQL injection vulnerabilities in Novell ZENworks Patch Management 6.x before 6.2.2.181 allow remote attackers to execute arbitrary SQL commands via the 1 Direction parameter to computers/default.asp, and the 2 SearchText, 3 StatusFilter, and 4 computerFilter parameters to...

8.5AI score0.05402EPSS
Exploits1References11
securityvulns
securityvulns
added 2005/10/28 12:0 a.m.27 views

Novell ZENworks Patch Management Server SQL injection

No description provided...

2.5AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2005/10/28 12:0 a.m.25 views

[CIRT.DK] - Novell ZENworks Patch Management Server 6.0.0.52 - SQL injection

The Novell ZENworks Patch Management Server 6.0.0.52 is vulnerable to SQL injection in the management console. To being able to exploit this issue the administrator have to manually created a none-privileged account as minimum, to allow exploitation. Fix: Upgrade to ZENworks Patch Management...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2005/10/27 12:0 a.m.19 views

Novell ZENworks Patch Management 6.0.52 - '/computers/default.asp?Direction' SQL Injection

source: https://www.securityfocus.com/bid/15220/info ZENworks Patch Management is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2005/10/27 12:0 a.m.21 views

Novell ZENworks Patch Management 6.0.52 - '/reports/default.asp' Multiple SQL Injections

source: https://www.securityfocus.com/bid/15220/info ZENworks Patch Management is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in ...

7AI score
Exploits0
exploitpack
exploitpack
added 2005/10/27 12:0 a.m.9 views

Novell ZENworks Patch Management 6.0.52 - computersdefault.asp?Direction SQL Injection

Novell ZENworks Patch Management 6.0.52 - computersdefault.asp?Direction SQL Injection source: https://www.securityfocus.com/bid/15220/info ZENworks Patch Management is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2005/10/27 12:0 a.m.8 views

Novell ZENworks Patch Management 6.0.52 - reportsdefault.asp Multiple SQL Injections

Novell ZENworks Patch Management 6.0.52 - reportsdefault.asp Multiple SQL Injections source: https://www.securityfocus.com/bid/15220/info ZENworks Patch Management is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize...

0.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/10/06 12:0 a.m.23 views

Patchlink Detection

This script uses Windows credentials to detect whether the remote host is running Patchlink and extracts the version number if so. Patchlink is a fully Internet-based, automated, cross-platform, security patch management system. Josh Zlatin-Amishav josh at ramat dot cc GPLv2 Tenable grants a...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2005/08/26 12:0 a.m.1443 views

Nessus Scan Information

This plugin displays, for each tested host, information about the scan itself : - The version of the plugin set. - The type of scanner Nessus or Nessus Home. - The version of the Nessus Engine. - The port scanners used. - The port range scanned. - The ping round trip time - Whether credentialed o...

5.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/05/16 12:0 a.m.9 views

Checkpoint Firewall-1 NG Patch Level FP3 Detection

Binary data 2912.prm...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2005/02/28 12:0 a.m.25 views

[Hat-Squad] GFI L.N.S.S 5.0 Insecure Credential Storage

February 28, 2005 Hat-Squad Advisory: GFI L.N.S.S 5.0- Insecure Credential Storage Product: GFI Languard Network Security Scanner Vendor Url: http://gfi.com/ Version: 5.0 Vulnerability: Insecure Credential Storage Release Date: February 28, 2005 Vendor Status: Informed on 22 February 2005 Respons...

0.4AI score
Exploits0
NVD
NVD
added 2004/02/10 5:0 a.m.16 views

CVE-2004-2091

Microsoft Baseline Security Analyzer MBSA 1.2 does not correctly identify systems that have been patched but remain vulnerable to exploit until the system is rebooted, possibly giving the administrator a false sense of security...

5CVSS6.6AI score0.03218EPSS
Exploits0References2
Rows per page
Query Builder