12 matches found
CVE-2023-32610
Mailform Pro CGI 4.3.1.2 and earlier allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition...
PT-2023-23910 · Unknown · Mailform Pro Cgi
Name of the Vulnerable Software and Affected Versions: Mailform Pro CGI versions 4.3.1.2 and earlier. Description: The issue allows a remote unauthenticated attacker to cause a denial-of-service (DoS) condition. Recommendations: For Mailform Pro CGI versions 4.3.1.2 and earlier, at the moment, there...
JVN#70502982: SYNCK GRAPHICA Mailform Pro CGI vulnerable to Regular expression Denial-of-Service (ReDoS)
Mailform Pro CGI provided by SYNCK GRAPHICA contains a Regular expression Denial-of-Service (ReDoS) vulnerability (CWE-1333). Impact: A remote attacker may be able to cause a denial-of-service (DoS). Solution: Update the Software. Update the software to the latest version according to the information...
Sophos Web Appliance Remote Command Injection Vulnerability (CNVD-2017-05239)
Sophos Web Appliance (SWA) is a suite of Web security gateway products from Sophos UK. The product supports real-time web threat protection, customized web filtering and dynamic control of applications. A remote command injection vulnerability exists in Sophos Web Appliance (SWA) versions prior to...
Sophos Web Appliance Remote Command Injection Vulnerability (CNVD-2017-05238)
Sophos Web Appliance (SWA) is a suite of Web security gateway products from Sophos UK. The product supports real-time web threat protection, customized web filtering and dynamic control of applications. A remote command injection vulnerability exists in Sophos Web Appliance (SWA) versions prior to...
Sophos Web Appliance Session Fixation Vulnerability
Sophos Web Appliance (SWA) is a suite of Web security gateway products from Sophos UK. The product supports real-time web threat protection, customized web filtering and dynamic control of applications. A session fixation vulnerability exists in SWA versions prior to 4.3.1.2. An attacker can exploi...
Sophos Web Appliance Remote Command Injection Vulnerability (CNVD-2017-04889)
Sophos Web Appliance (SWA) is a suite of Web security gateway products from Sophos UK. The product supports real-time web threat protection, customized web filtering and dynamic control of applications. A remote command injection vulnerability exists in the interface for report generation in Sophos...
CVE-2017-6184
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303...
CVE-2017-6183
In Sophos Web Appliance (SWA) versions prior to 4.3.1.2, CVE-2017-6183 describes a remote command injection vulnerability in the configuration utilities used for adding/detecting Active Directory servers. The issue arises from improper sanitization of input when managing AD-related settings, enab...
CVE-2017-6182
Affected product: Sophos Web Appliance (SWA) prior to version 4.3.1.2. Vulnerability: Remote command injection in the reporting UI, via functions related to report generation (NSWA-1304). Impact: Unauthenticated/remote attacker could inject commands through the reporting component; severity is...
CVE-2017-6412
CVE-2017-6412 affects Sophos Web Appliance (SWA) versions before 4.3.1.2, with a Session Fixation vulnerability (NSWA-1310) that can lead to session hijacking. Public references indicate exploitation in 4.3.1.1 and the issue being addressed in the SWA 4.3.1.2 release notes. The CVE entry and mult...
CVE-2017-6184
In Sophos Web Appliance (SWA) versions before 4.3.1.2, the reports-generation interface is vulnerable to remote command injection through the token parameter (aka NSWA-1303). The root cause is improper input handling/sanitization in the reporting path, allowing an authenticated or network-exposed...