Lucene search
K

98 matches found

Cvelist
Cvelist
added 2013/06/28 11:0 p.m.24 views

CVE-2013-4093

The SecureSphere Operations Manager SOM Management Server in Imperva SecureSphere 9.0.0.5 allows remote attackers to obtain sensitive information via 1 a direct request to dwr/call/plaincall/AsyncOperationsContainer.getOperationState.dwr, which reveals the installation path in the s0.filePath...

6.2AI score0.06883EPSS
Exploits0References2
CVE
CVE
added 2013/06/28 11:0 p.m.43 views

CVE-2013-4095

Imperva SecureSphere SOM Management Server (v9.0.0.5) is affected by CVE-2013-4095. Remote authenticated users can execute arbitrary commands via a task payload using a [command].value field together with an [arguments].value field. The description is consistent across multiple sources (NVD/Red H...

6.5CVSS7.3AI score0.05885EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2013/06/28 11:0 p.m.48 views

CVE-2013-4094

CVE-2013-4094 concerns Imperva SecureSphere 9.0.0.5, where the Key Management feature in the SOM Management Server allows remote authenticated users to upload executable files via the private_key or public_key parameters in a T/keyManagement request to plain/settings.html, demonstrated by Linux E...

6.5CVSS6.5AI score0.05629EPSS
Exploits0References2Affected Software1
exploitpack
exploitpack
added 2013/06/05 12:0 a.m.44 views

Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities

Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities Original: http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt =============================== - Advisory - =============================== Tittle: Imperva SecureSphere Operations Manager - Command...

0.6AI score
Exploits0
0day.today
0day.today
added 2013/06/05 12:0 a.m.65 views

Imperva SecureSphere Operations Manager Command Execution Vulnerability

Imperva SecureSphere Operations Manager version 9.0.0.5 Enterprise Edition suffers from path disclosure, command execution, and arbitrary file upload vulnerabilities. Tittle: Imperva SecureSphere Operations Manager - Command Execution Post Authentication & Minor issues Risk: High Date: 27.May.201...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2013/06/05 12:0 a.m.56 views

Imperva SecureSphere Operations Manager 9.0.0.5 - Multiple Vulnerabilities

Original: http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt =============================== - Advisory - =============================== Tittle: Imperva SecureSphere Operations Manager - Command Execution Post Authentication & Minor issues Risk: High Date: 27.May.2013...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2013/06/03 12:0 a.m.49 views

Imperva SecureSphere Operations Manager Command Execution

Original: http://www.digitalsec.net/stuff/explt+advs/Imperva-SecureSphere.OptMgr.txt =============================== - Advisory - =============================== Tittle: Imperva SecureSphere Operations Manager - Command Execution Post Authentication & Minor issues Risk: High Date: 27.May.2013...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2013/06/03 12:0 a.m.25 views

Imperva SecureSphere Operations Manager multiple security vulnerabilities

Multiple web interface vulnerabilities...

2.4AI score
Exploits0References1Affected Software1
NVD
NVD
added 2011/06/06 7:55 p.m.18 views

CVE-2011-0767

Cross-site scripting XSS vulnerability in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall 6.2, 7.x, and 8.x allows remote attackers to inject arbitrary web script or HTML via an HTTP request to a firewalled server, aka Bug ID 31759...

4.3CVSS5.7AI score0.01248EPSS
Exploits0References5
Cvelist
Cvelist
added 2011/06/06 7:0 p.m.22 views

CVE-2011-0767

Cross-site scripting XSS vulnerability in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall 6.2, 7.x, and 8.x allows remote attackers to inject arbitrary web script or HTML via an HTTP request to a firewalled server, aka Bug ID 31759...

5.7AI score0.01248EPSS
Exploits0References5
CVE
CVE
added 2011/06/06 7:0 p.m.43 views

CVE-2011-0767

The CVE-2011-0767 vulnerability affects Imperva SecureSphere Web Application Firewall, specifically the management GUI in MX Management Server across versions 6.2, 7.x, and 8.x. Root cause: improper validation/sanitization of user-controlled input stored and later returned to the administrator in...

4.3CVSS5.9AI score0.01248EPSS
Exploits0References5Affected Software1
Exploit DB
Exploit DB
added 2011/05/09 12:0 a.m.22 views

Imperva SecureSphere - SQL Query Filter Security Bypass

source: https://www.securityfocus.com/bid/47780/info Imperva SecureSphere is prone to a security-bypass vulnerability. An attacker can leverage this vulnerability to bypass certain security restrictions. Successful exploits may allow attackers to exploit SQL-injection vulnerabilities. 15 and...

7AI score
Exploits0
securityvulns
securityvulns
added 2010/04/19 12:0 a.m.36 views

Imperva SecureSphere Web Application Firewall protection bypass

No description provided...

7.8CVSS2.2AI score0.01422EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2010/04/15 5:0 p.m.22 views

CVE-2010-1329

Imperva SecureSphere Web Application Firewall and Database Firewall 5.0.0.5082 through 7.0.0.7078 allow remote attackers to bypass intrusion-prevention functionality via a request that has an appended long string containing an unspecified manipulation...

6.7AI score0.01422EPSS
Exploits0References4
Cvelist
Cvelist
added 2008/03/24 9:0 p.m.24 views

CVE-2008-1463

Cross-site scripting XSS vulnerability in the management GUI in Imperva SecureSphere MX Management Server 5.0 allows remote attackers to inject arbitrary web script or HTML via an invalid or prohibited request to a web server protected by SecureSphere, which triggers injection into the "correctiv...

5.9AI score0.01582EPSS
Exploits1References4
CVE
CVE
added 2008/03/24 9:0 p.m.38 views

CVE-2008-1463

CVE-2008-1463 describes a cross-site scripting (XSS) vulnerability in the management GUI of Imperva SecureSphere MX Management Server 5.0. The issue arises when processing an invalid or prohibited request to a web server protected by SecureSphere, allowing an attacker to inject arbitrary web scri...

4.3CVSS5.9AI score0.01582EPSS
Exploits1References4Affected Software2
exploitpack
exploitpack
added 2008/03/17 12:0 a.m.10 views

Imperva SecureSphere 5.0 - Cross-Site Scripting

Imperva SecureSphere 5.0 - Cross-Site Scripting source: https://www.securityfocus.com/bid/28279/info Imperva SecureSphere is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitra...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2008/03/17 12:0 a.m.22 views

Imperva SecureSphere 5.0 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/28279/info Imperva SecureSphere is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...

7.4AI score
Exploits0
Rows per page
Query Builder