SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration Server (ERAS) allows remote authenticated users to execute arbitrary SQL commands via the ct100$4MainController$TextBoxSearchValue parameter (aka the search field), leading to execution of operating-system commands.
References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: certcc

Published: 2013-07-15T20:00:00Z

Updated: 2024-09-17T01:16:36.866Z

Reserved: 2013-05-21T00:00:00Z

Link: CVE-2013-3578

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2013-07-15T20:55:03.467

Modified: 2024-11-21T01:53:55.213

Link: CVE-2013-3578

cve-icon Redhat

No data.