CVE-2005-3315
Novell ZENworks Patch Management < 6.2.2.181 - SQL Injection via Multiple Parameters
Title source: llmExploitation Summary
EIP tracks 2 public exploits for CVE-2005-3315. PoCs published by Dennis Rand.
AI-analyzed exploit summary The provided text describes SQL injection vulnerabilities in ZENworks Patch Management, with example URLs demonstrating unsanitized input in query parameters. No actual exploit code is present, only a vulnerability description and proof-of-concept URLs.
Description
Multiple SQL injection vulnerabilities in Novell ZENworks Patch Management 6.x before 6.2.2.181 allow remote attackers to execute arbitrary SQL commands via the (1) Direction parameter to computers/default.asp, and the (2) SearchText, (3) StatusFilter, and (4) computerFilter parameters to reports/default.asp.
Exploits (2)
The provided text describes SQL injection vulnerabilities in ZENworks Patch Management, with example URLs demonstrating unsanitized input in query parameters. No actual exploit code is present, only a vulnerability description and proof-of-concept URLs.
The provided text describes a SQL injection vulnerability in ZENworks Patch Management, where unsanitized input in the 'Direction' parameter can be exploited. However, the example URL lacks a full exploit payload, making it a writeup rather than a working PoC.