Arbitrary SQL Command Execution in Ipswitch WhatsUp Gold 15.02 via WrVMwareHostList.asp

Arbitrary SQL Command Execution in Ipswitch WhatsUp Gold 15.02 via WrVMwareHostList.asp

CVE-2012-2601 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SQL injection vulnerability in WrVMwareHostList.asp in Ipswitch WhatsUp Gold 15.02 allows remote attackers to execute arbitrary SQL commands via the sGroupList parameter.

Learn more about our Cis Benchmark Audit For Vmware.