Back to search
CVE-2006-3430
Published: Jul 7, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
SQL injection vulnerability in checkprofile.asp in (1) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1 and (2) Novell ZENworks 6.2 SR1 and earlier, allows remote attackers to execute arbitrary SQL commands via the agentid parameter.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20060629 Multiple Vulnerabilities in PatchLink Update Server 6
mailing-list
x_refsource_FULLDISC
20060629 Multiple Vulnerabilities in PatchLink Update Server 6
mailing-list
x_refsource_BUGTRAQ
20876
third-party-advisory
x_refsource_SECUNIA
20878
third-party-advisory
x_refsource_SECUNIA
18715
vdb-entry
x_refsource_BID
1200
third-party-advisory
x_refsource_SREASON
patchlink-checkprofile-sql-injection(27545)
vdb-entry
x_refsource_XF
ADV-2006-2596
vdb-entry
x_refsource_VUPEN
ADV-2006-2595
vdb-entry
x_refsource_VUPEN
1016405
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now