CVE-2010-0115

2011-01-1422:00:00

mitre

www.cve.org

8.3 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

83.1%

JSON

SQL injection vulnerability in login.php in the GUI management console in Symantec Web Gateway 4.5 before 4.5.0.376 allows remote attackers to execute arbitrary SQL commands via the USERNAME parameter.

References

osvdb.org/70415

secunia.com/advisories/42878

www.securityfocus.com/bid/45742

www.securitytracker.com/id?1024958

www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110112_00

www.vupen.com/english/advisories/2011/0088

www.zerodayinitiative.com/advisories/ZDI-11-013/

exchange.xforce.ibmcloud.com/vulnerabilities/64658