3 matches found
Symantec IM Manager LoggedInUsers.lgx Definition File SQL Injections (CVE-2010-0112)
Symantec IM Manager is a software-based proxy to secure, manage, and log IM messages for enterprise and public IM protocols. It provides real-time threat protection against IM viruses, worms, and other types of attacks delivered through IM messages. An SQL injection vulnerability has been reporte...
CVE-2010-0112
CVE-2010-0112 — Symantec IM Manager before version 8.4.16 is affected by multiple SQL injection vulnerabilities in the Administrative Interface (IIS extension). The issues allow remote attackers to inject SQL via numerous parameters (e.g., rdReport, DetailReportGroup, SummaryReportGroup, LoggedIn...
Symantec IM Manager Multiple SQL Injection Vulnerabilities
Symantec IM Manager is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit can allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities i...