Multiple SQL injection vulnerabilities in terminal/paramedit.aspx in VeriFone VeriCentre Web Console prior to 2.2 build 36 allow remote malicious users to execute arbitrary SQL commands via the (1) TerminalId, (2) ModelName, or (3) ApplicationName parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
verifone vericentre web console 2.0 |
||
verifone vericentre web console 2.0.1 |
||
verifone vericentre web console |