CVE-2006-6450

Currently unrated

Key Information:

Vendor: Novell
Status: Zenworks Patch Management Server
Vendor: CVE Published:; 10 December 2006

Summary

Multiple SQL injection vulnerabilities in dagent/downloadreport.asp in Novell ZENworks Patch Management (ZPM) before 6.3.2.700 allow remote attackers to execute arbitrary SQL commands via the (1) agentid and (2) pass parameters.

References

https://secure-support.novell.com/KanisaPlatform/Publishi...

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/30768

vdb-entryx_refsource_XF

http://www.vupen.com/english/advisories/2006/4864

vdb-entryx_refsource_VUPEN

EPSS Score

1% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 10, 2006
Vulnerability Reserved
Dec 10, 2006

Collectors

NVD DatabaseMitre Database