Unrated severityNVD Advisory· Published Jul 7, 2006· Updated Apr 16, 2026

CVE-2006-3430

Description

SQL injection vulnerability in checkprofile.asp in (1) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1 and (2) Novell ZENworks 6.2 SR1 and earlier, allows remote attackers to execute arbitrary SQL commands via the agentid parameter.

Affected products

Lumension/Patchlink Update Server3 versions
cpe:2.3:a:lumension:patchlink_update_server:6.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:lumension:patchlink_update_server:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:lumension:patchlink_update_server:6.2.0.181:*:*:*:*:*:*:*
- cpe:2.3:a:lumension:patchlink_update_server:6.2.0.189:*:*:*:*:*:*:*
Novell/Zenworks
cpe:2.3:a:novell:zenworks:*:sr1:*:*:*:*:*:*
Range: <=6.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/20876nvdVendor Advisory
secunia.com/advisories/20878nvdVendor Advisory
www.vupen.com/english/advisories/2006/2595nvdVendor Advisory
www.vupen.com/english/advisories/2006/2596nvdVendor Advisory
lists.grok.org.uk/pipermail/full-disclosure/2006-June/047495.htmlnvd
securityreason.com/securityalert/1200nvd
securitytracker.com/idnvd
www.securityfocus.com/archive/1/438710/100/0/threadednvd
www.securityfocus.com/bid/18715nvd
exchange.xforce.ibmcloud.com/vulnerabilities/27545nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000