CVE-2006-6450
https://notcve.org/view.php?id=CVE-2006-6450
Multiple SQL injection vulnerabilities in dagent/downloadreport.asp in Novell ZENworks Patch Management (ZPM) before 6.3.2.700 allow remote attackers to execute arbitrary SQL commands via the (1) agentid and (2) pass parameters. Múltiples vulnerabilidades de inyección SQL en dagent/downloadreport.asp en Novell ZENworks Patch Management (ZPM) anterior 6.3.2.700 permite a un atacante remoto ejecutar comandos SQL de su elección a través de los parámetros (1) agentid y (2) pass. • http://secunia.com/advisories/23243 http://www.securityfocus.com/bid/21473 http://www.vupen.com/english/advisories/2006/4864 https://exchange.xforce.ibmcloud.com/vulnerabilities/30768 https://secure-support.novell.com/KanisaPlatform/Publishing/298/3506963_f.SAL_Public.html •
CVE-2005-3315 – Novell ZENworks Patch Management 6.0.52 - '/reports/default.asp' Multiple SQL Injections
https://notcve.org/view.php?id=CVE-2005-3315
Multiple SQL injection vulnerabilities in Novell ZENworks Patch Management 6.x before 6.2.2.181 allow remote attackers to execute arbitrary SQL commands via the (1) Direction parameter to computers/default.asp, and the (2) SearchText, (3) StatusFilter, and (4) computerFilter parameters to reports/default.asp. • https://www.exploit-db.com/exploits/26430 https://www.exploit-db.com/exploits/26429 http://cirt.dk/advisories/cirt-39-advisory.pdf http://secunia.com/advisories/17358 http://securityreason.com/securityalert/124 http://securitytracker.com/id?1015116 http://support.novell.com/cgi-bin/search/searchtid.cgi?10099318.htm http://www.kb.cert.org/vuls/id/536300 http://www.osvdb.org/20362 http://www.osvdb.org/20363 http://www.securityfocus.com/archive/1/414880 http:// •