Vulnerability Details CVE-2006-6450
Multiple SQL injection vulnerabilities in dagent/downloadreport.asp in Novell ZENworks Patch Management (ZPM) before 6.3.2.700 allow remote attackers to execute arbitrary SQL commands via the (1) agentid and (2) pass parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.093
EPSS Ranking 92.4%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/23243
- http://www.securityfocus.com/bid/21473
- http://www.vupen.com/english/advisories/2006/4864
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30768
- https://secure-support.novell.com/KanisaPlatform/Publishing/298/3506963_f.SAL_Public.html
- http://secunia.com/advisories/23243
- http://www.securityfocus.com/bid/21473
- http://www.vupen.com/english/advisories/2006/4864
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30768
- https://secure-support.novell.com/KanisaPlatform/Publishing/298/3506963_f.SAL_Public.html
Products affected by CVE-2006-6450
-
cpe:2.3:a:novell:zenworks_patch_management_server:6.3.2.700