Vulnerabilities > Novell > Zenworks Patch Management Server
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-12-10 | CVE-2006-6450 | SQL Injection vulnerability in Novell Zenworks Patch Management Server 6.3.2.700 Multiple SQL injection vulnerabilities in dagent/downloadreport.asp in Novell ZENworks Patch Management (ZPM) before 6.3.2.700 allow remote attackers to execute arbitrary SQL commands via the (1) agentid and (2) pass parameters. | 7.5 |
2005-10-30 | CVE-2005-3315 | SQL Injection vulnerability in Novell Zenworks Patch Management Server 6.0.0.52 Multiple SQL injection vulnerabilities in Novell ZENworks Patch Management 6.x before 6.2.2.181 allow remote attackers to execute arbitrary SQL commands via the (1) Direction parameter to computers/default.asp, and the (2) SearchText, (3) StatusFilter, and (4) computerFilter parameters to reports/default.asp. | 7.5 |