Required CVE Record Information
Description
qcbin/servlet/tdservlet/TDAPI_GeneralWebTreatment in HP Mercury Quality Center 9.0 build 9.1.0.4352 allows remote authenticated users to execute arbitrary SQL commands via the RunQuery method.
References 7 Total
- secunia.com: 24730 third-party-advisory
- osvdb.org: 34630 vdb-entry
- lists.grok.org.uk: 20070403 HP Mercury Quality Center Any SQL execution mailing-list
- vupen.com: ADV-2007-1246 vdb-entry
- securityreason.com: 2527 third-party-advisory
- securitytracker.com: 1017842 vdb-entry
- exchange.xforce.ibmcloud.com: hpmercuryquality-sql-command-execution(33385) vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 7 Total
- secunia.com: 24730 third-party-advisoryx_transferred
- osvdb.org: 34630 vdb-entryx_transferred
- lists.grok.org.uk: 20070403 HP Mercury Quality Center Any SQL execution mailing-listx_transferred
- vupen.com: ADV-2007-1246 vdb-entryx_transferred
- securityreason.com: 2527 third-party-advisoryx_transferred
- securitytracker.com: 1017842 vdb-entryx_transferred
- exchange.xforce.ibmcloud.com: hpmercuryquality-sql-command-execution(33385) vdb-entryx_transferred