Quest NetVault Backup NVBUJobCountHistory SQL Injection (CVE-2017-17420)

An SQL injection vulnerability exists in the Server Process Manager Service of Quest NetVault Backup. The vulnerability is due to improper validation of user-supplied input on JSON-RPC requests invoking the Get method of the NVBUJobCountHistory class. A remote unauthenticated attacker could explo...

Quest NetVault Backup NVBUEventHistory Get Method SQL Injection (CVE-2017-17412)

An SQL injection vulnerability exists in the Server Process Manager Service of Quest NetVault Backup. The vulnerability is due to improper validation of user-supplied input on JSON-RPC requests invoking the Get method of the NVBUEventHistory class...

Quest NetVault Backup Server Process Manager Service NVBUBackup ClientList Method SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackup ClientList method requests. The issue results from th...

Quest NetVault Backup Server Process Manager Service NVBUBackup JobList Method SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackup JobList method requests. The issue results from the...

Quest NetVault Backup Server Process Manager Service NVBUScheduleSet Get Method SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUScheduleSet Get method requests. The issue results from the...

Quest NetVault Backup Server Process Manager Service NVBUBackupSegment Get Method SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackupSegment Get method requests. The issue results from th...

Quest NetVault Backup Server Process Manager Service NVBUPhaseStatus Get Method SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUPhaseStatus Get method requests. The issue results from the...

Quest NetVault Backup Server Process Manager Service NVBUBackup TimeRange Method SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackup TimeRange method requests. The issue results from the...