Multiple SQL injection vulnerabilities in terminal/paramedit.aspx in VeriFone VeriCentre Web Console before 2.2 build 36 allow remote attackers to execute arbitrary SQL commands via the (1) TerminalId, (2) ModelName, or (3) ApplicationName parameter.
CPE | Name | Operator | Version |
---|---|---|---|
vericentre_web_console | eq | 2.0.1 | |
vericentre_web_console | le | 2.2 | |
vericentre_web_console | eq | 2.0 |