3 matches found
CVE-2013-2642
Vulnerability : CVE-2013-2642 affects Sophos Web Protection Appliance (pre-3.7.8.2). The issue enables OS command injection in multiple contexts: (1) OS commands via the Block page when a customized template uses the client-ip variable, (2) commands via the Diagnostic Tools URL parameter, and (3)...
Sophos Web Protection Appliance 3.7.8.1 - Multiple Vulnerabilities
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Sophos Web Protection Appliance vulnerable version: = 3.7.8.1 fixed version: 3.7.8.2 impact: Critical CVE number: CVE-2013-2641,...
Sophos Web Protection Appliance 3.7.8.1 XSS / Command Execution
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Sophos Web Protection Appliance vulnerable version: = 3.7.8.1 fixed version: 3.7.8.2 impact: Critical CVE number: CVE-2013-2641,...