Skip to main content

Kace K1000 Systems Management Appliance Software

2 CVEs product

Monthly

CVE-2014-0330 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in adminui/user_list.php on the Dell KACE K1000 management appliance 5.5.90545 allows remote attackers to inject arbitrary web script or HTML via the LABEL_ID. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP Dell XSS Kace K1000 Systems Management Appliance Software Kace K1000 Systems Management Appliance
NVD
CVSS 2.0
4.3
EPSS
1.4%
CVE-2014-1671 MEDIUM POC This Month

Multiple SQL injection vulnerabilities in Dell KACE K1000 5.4.76847 and possibly earlier allow remote attackers or remote authenticated users to execute arbitrary SQL commands via the macAddress. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Dell SQLi Kace K1000 Systems Management Appliance Software Kace K1000 Systems Management Virtual Appliance +3
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
0.3%
EPSS 1% CVSS 4.3
MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in adminui/user_list.php on the Dell KACE K1000 management appliance 5.5.90545 allows remote attackers to inject arbitrary web script or HTML via the LABEL_ID. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP Dell XSS +2
NVD
EPSS 0% CVSS 6.5
MEDIUM POC This Month

Multiple SQL injection vulnerabilities in Dell KACE K1000 5.4.76847 and possibly earlier allow remote attackers or remote authenticated users to execute arbitrary SQL commands via the macAddress. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Dell SQLi +5
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy