Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2010-0712

Multiple SQL injection vulnerabilities in zport/dmd/Events/getJSONEventsInfo in Zenoss 2.3.3, and other versions before 2.5, allow remote authenticated users to execute arbitrary SQL commands via the (1) severity, (2) state, (3) filter, (4) offset, and (5) count parameters.

See the

CVE page on Mitre.org for more details.

References

MISC: http://dev.zenoss.org/...
MISC: http://www.ngenuity.or...
CONFIRM: http://www.zenoss.com/...
BID: 37802
OSVDB: 61804
SECUNIA: 38195
XF: zenoss-getjsoneventsin...

Launchpad.net

CVE 2010-0712

Related bugs

References