cvedb.io
CVE-2015-6004
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2015-12-27T03:59:00.113 · Last modified 2026-06-17T00:30:14.423

Summary

Multiple SQL injection vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers to execute arbitrary SQL commands via (1) the UniqueID (aka sUniqueID) parameter to WrFreeFormText.asp in the Reports component or (2) the Find Device parameter.

Affected products

progress — whatsup_gold

Does this affect you?

Add your gear to cvedb and we'll alert you only when progress ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.