← Back

Kace K1000 Systems Management Appliance

kace_k1000_systems_management_appliance

Vendor: Dell • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2014-0330
1Dell
2Kace K1000 Systems Management Appliance
Kace K1000 Systems Management Appliance Software
Apr 29, 2026
Feb 6, 2014
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in adminui/user_list.php on the Dell KACE K1000 management appliance 5.5.90545 allows remote attackers to inject arbitrary web script or HTML via the LABEL_ID parameter.
CVE-2014-1671
1Dell
5Kace K1000 Systems Management Appliance
Kace K1000 Systems Management Appliance SoftwareKace K1000 Systems Management Virtual Appliance+2 more
Apr 29, 2026
Jan 26, 2014
N/A· v4
N/A· v3
6.5 MEDIUM· v2
Multiple SQL injection vulnerabilities in Dell KACE K1000 5.4.76847 and possibly earlier allow remote attackers or remote authenticated users to execute arbitrary SQL commands via the macAddress element in a (1) getUploa...Show more
Multiple SQL injection vulnerabilities in Dell KACE K1000 5.4.76847 and possibly earlier allow remote attackers or remote authenticated users to execute arbitrary SQL commands via the macAddress element in a (1) getUploadPath or (2) getKBot SOAP request to service/kbot_service.php; the ID parameter to (3) userui/advisory_detail.php or (4) userui/ticket.php; and the (5) ORDER[] parameter to userui/ticket_list.php.Show less