Описание
SQL injection vulnerability in OpenVAS Manager before 4.0.6 and 5.x before 5.0.7 allows remote attackers to execute arbitrary SQL commands via the timezone parameter in a modify_schedule OMP command.
SQL injection vulnerability in OpenVAS Manager before 4.0.6 and 5.x before 5.0.7 allows remote attackers to execute arbitrary SQL commands via the timezone parameter in a modify_schedule OMP command.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2014-9220
- https://www.alienvault.com/forums/discussion/4415
- http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147753.html
- http://lists.opensuse.org/opensuse-updates/2015-02/msg00039.html
- http://openwall.com/lists/oss-security/2014/11/30/2
- http://www.openvas.org/OVSA20141128.html
Связанные уязвимости
nvd
около 11 лет назад
SQL injection vulnerability in OpenVAS Manager before 4.0.6 and 5.x before 5.0.7 allows remote attackers to execute arbitrary SQL commands via the timezone parameter in a modify_schedule OMP command.