Vulnerabilities > Wave
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-07-15 | CVE-2013-3578 | SQL Injection vulnerability in Wave products SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Server (ERAS) allows remote authenticated users to execute arbitrary SQL commands via the ct100$4MainController$TextBoxSearchValue parameter (aka the search field), leading to execution of operating-system commands. | 9.0 |
2013-07-15 | CVE-2013-3577 | SQL Injection vulnerability in Wave products SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Server (ERAS) allows remote attackers to execute arbitrary SQL commands via the ct100$4MainController$TextBoxSearchValue parameter (aka the search field). | 7.5 |