Unrated severityNVD Advisory· Published Jul 7, 2006· Updated Jun 16, 2026
CVE-2006-3430
CVE-2006-3430
Description
SQL injection vulnerability in checkprofile.asp in (1) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1 and (2) Novell ZENworks 6.2 SR1 and earlier, allows remote attackers to execute arbitrary SQL commands via the agentid parameter.
Affected products
6cpe:2.3:a:lumension:patchlink_update_server:6.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:lumension:patchlink_update_server:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:lumension:patchlink_update_server:6.2.0.181:*:*:*:*:*:*:*
- cpe:2.3:a:lumension:patchlink_update_server:6.2.0.189:*:*:*:*:*:*:*
- Range: <6.1 P1 or >=6.2.x <6.2 SR1 P1
Patches
Vulnerability mechanics
References
10- secunia.com/advisories/20876nvdVendor Advisory
- secunia.com/advisories/20878nvdVendor Advisory
- www.vupen.com/english/advisories/2006/2595nvdVendor Advisory
- www.vupen.com/english/advisories/2006/2596nvdVendor Advisory
- lists.grok.org.uk/pipermail/full-disclosure/2006-June/047495.htmlnvd
- securityreason.com/securityalert/1200nvd
- securitytracker.com/idnvd
- www.securityfocus.com/archive/1/438710/100/0/threadednvd
- www.securityfocus.com/bid/18715nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/27545nvd
News mentions
0No linked articles in our index yet.