SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Server (ERAS) allows remote authenticated users to execute arbitrary SQL commands via the ct100$4MainController$TextBoxSearchValue parameter (aka the search field), leading to execution of operating-system commands.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
http://www.kb.cert.org/vuls/id/217836 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: certcc
Published: 2013-07-15T20:00:00Z
Updated: 2024-09-17T01:16:36.866Z
Reserved: 2013-05-21T00:00:00Z
Link: CVE-2013-3578
Vulnrichment
No data.
NVD
Status : Modified
Published: 2013-07-15T20:55:03.467
Modified: 2024-11-21T01:53:55.213
Link: CVE-2013-3578
Redhat
No data.