Lucene search
+L

71 matches found

ATTACKERKB
ATTACKERKB
added 2012/05/21 12:0 a.m.23 views

CVE-2012-0297 Symantec Web Gateway Vulnerability

The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to execute arbitrary code by 1 injecting crafted data or 2 including crafted data. Recent assessments: wchen-r7 at September 12, 2019 6:07pm UTC...

10CVSS2.5AI score0.72596EPSS
Exploits22References5
Prion
Prion
added 2011/07/11 8:55 p.m.20 views

Sql injection

SQL injection vulnerability in forget.php in the management GUI in Symantec Web Gateway 4.5.x allows remote attackers to execute arbitrary SQL commands via the username parameter...

7.5CVSS9AI score0.02237EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2011/07/11 8:0 p.m.26 views

CVE-2011-0549

SQL injection vulnerability in forget.php in the management GUI in Symantec Web Gateway 4.5.x allows remote attackers to execute arbitrary SQL commands via the username parameter...

8.2AI score0.02237EPSS
Exploits1References6
Prion
Prion
added 2011/06/06 7:55 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall 6.2, 7.x, and 8.x allows remote attackers to inject arbitrary web script or HTML via an HTTP request to a firewalled server, aka Bug ID 31759...

4.3CVSS6.1AI score0.01248EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2009/08/14 3:16 p.m.18 views

CVE-2009-2766

httpd.c in httpd in the management GUI in DD-WRT 24 sp1 does not require administrative authentication for programs under cgi-bin/, which allows remote attackers to change settings via HTTP requests...

7.5CVSS6.9AI score0.05129EPSS
Exploits1References2
Prion
Prion
added 2009/08/14 3:16 p.m.11 views

Design/Logic Flaw

httpd.c in httpd in the management GUI in DD-WRT 24 sp1 does not require administrative authentication for programs under cgi-bin/, which allows remote attackers to change settings via HTTP requests...

7.5CVSS7.5AI score0.05129EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2009/08/14 3:0 p.m.38 views

CVE-2009-2765

httpd.c in httpd in the management GUI in DD-WRT 24 sp1, and other versions before build 12533, allows remote attackers to execute arbitrary commands via shell metacharacters in a request to a cgi-bin/ URI...

7.5AI score0.82504EPSS
Exploits7References9
Cvelist
Cvelist
added 2009/08/14 3:0 p.m.18 views

CVE-2009-2766

httpd.c in httpd in the management GUI in DD-WRT 24 sp1 does not require administrative authentication for programs under cgi-bin/, which allows remote attackers to change settings via HTTP requests...

6.9AI score0.05129EPSS
Exploits1References2
CVE
CVE
added 2009/08/14 3:0 p.m.43 views

CVE-2009-2766

CVE-2009-2766 affects httpd.c in the httpd management GUI of DD-WRT 24 sp1; CGI programs under /cgi-bin/ can be accessed without administrative authentication, enabling remote changes via HTTP requests. CBSS: Network vector, low complexity, no authentication, with partial impact on confidentialit...

7.5CVSS7.2AI score0.05129EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2009/08/14 3:0 p.m.102 views

CVE-2009-2765

The CVE-2009-2765 issue affects the DD-WRT HTTPd management GUI, where httpd.c in the HTTP daemon is vulnerable to shell metacharacter injection via requests to a CGI-bin URI. The vulnerability allows an unauthenticated remote attacker to execute arbitrary commands with root privileges on affecte...

8.3CVSS7.8AI score0.82504EPSS
Exploits7References9Affected Software1
Prion
Prion
added 2008/03/24 9:44 p.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in the management GUI in Imperva SecureSphere MX Management Server 5.0 allows remote attackers to inject arbitrary web script or HTML via an invalid or prohibited request to a web server protected by SecureSphere, which triggers injection into the "correctiv...

4.3CVSS6.4AI score0.01582EPSS
Exploits1References4Affected Software2
Rows per page
Query Builder