CVE-2006-6450

https://notcve.org/view.php?id=CVE-2006-6450

Multiple SQL injection vulnerabilities in dagent/downloadreport.asp in Novell ZENworks Patch Management (ZPM) before 6.3.2.700 allow remote attackers to execute arbitrary SQL commands via the (1) agentid and (2) pass parameters. Múltiples vulnerabilidades de inyección SQL en dagent/downloadreport.asp en Novell ZENworks Patch Management (ZPM) anterior 6.3.2.700 permite a un atacante remoto ejecutar comandos SQL de su elección a través de los parámetros (1) agentid y (2) pass. • http://secunia.com/advisories/23243 http://www.securityfocus.com/bid/21473 http://www.vupen.com/english/advisories/2006/4864 https://exchange.xforce.ibmcloud.com/vulnerabilities/30768 https://secure-support.novell.com/KanisaPlatform/Publishing/298/3506963_f.SAL_Public.html •