2 matches found
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUPhaseStatus GetPlugins method requests. The issue...
CVE-2017-17416
CVE-2017-17416 affects Quest NetVault Backup (v11.3.0.12) with a SQL injection in NVBUPhaseStatus GetPlugins handling that allows remote code execution in the database context. The flaw results from insufficient validation of a user-supplied string used to build SQL queries, and authentication is...