7.5

CVE-2005-3315

Exploit

EPSS 8.98%
Published 30.10.2005 20:02:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Multiple SQL injection vulnerabilities in Novell ZENworks Patch Management 6.x before 6.2.2.181 allow remote attackers to execute arbitrary SQL commands via the (1) Direction parameter to computers/default.asp, and the (2) SearchText, (3) StatusFilter, and (4) computerFilter parameters to reports/default.asp.

Affected products Warnungen 0 Metrics 2 CWE 0 References 14

Data is provided by the National Vulnerability Database (NVD)

Novell ≫ Zenworks Patch Management Server Version6.0.0.52

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	8.98%	0.922

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://cirt.dk/advisories/cirt-39-advisory.pdf

Patch

Vendor Advisory

Exploit

http://secunia.com/advisories/17358

Patch

Vendor Advisory

http://securityreason.com/securityalert/124

http://securitytracker.com/id?1015116

http://support.novell.com/cgi-bin/search/searchtid.cgi?10099318.htm

Patch

http://www.kb.cert.org/vuls/id/536300

US Government Resource

http://www.osvdb.org/20362

http://www.osvdb.org/20363

http://www.securityfocus.com/archive/1/414880

http://www.securityfocus.com/bid/15220

http://www.vupen.com/english/advisories/2005/2238

https://nvd.nist.gov/vuln/detail/CVE-2005-3315

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-3315

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-3315

EUVD