CVE-2014-9613

Publication date

2020-02-19 19:53:48

Family

mitre

State

PUBLISHED

Description

Multiple SQL injection vulnerabilities in Netsweeper before 2.6.29.10 allow remote attackers to execute arbitrary SQL commands via the (1) login parameter to webadmin/auth/verification.php or (2) dpid parameter to webadmin/deny/index.php.