Novell ZENworks Patch Management 6.2
While analyzing the patch Novell ZENworks Patch Management > 6.2 SR1 P1 Security Update (184.108.40.206) â TID 10100709
The script /dagent/downloadreport.asp is vulnerable to an SQL injection for the parameters agentid and pass. The previous patch does not fix this issue.
This has been fixed in ZPM version 220.127.116.110
6-Aug-2013 - tgordon - Removed Reported to Engineering, this TID might be available for deletion since product is no longer supported.