Novell ZENworks Patch Management 6.2
While analyzing the patch Novell ZENworks Patch Management > 6.2 SR1 P1 Security Update (188.8.131.52) â TID 10100709
The script /dagent/downloadreport.asp is vulnerable to an SQL injection for the parameters agentid and pass. The previous patch does not fix this issue.
This has been fixed in ZPM version 184.108.40.2060
6-Aug-2013 - tgordon - Removed Reported to Engineering, this TID might be available for deletion since product is no longer supported.