4 matches found
Symantec Web Gateway Multiple PHP Pages Cross Site Scripting (CVE-2014-1652)
A cross-site scripting vulnerability exists in Symantec Web Gateway. Successful exploitation could result in attacker-controlled script code being executed in the browser context of the Symantec Web Gateway management console. The vulnerability is due to improper validation of "variable",...
Symantec Web Gateway < 5.2.1 Multiple Vulnerabilities (SYM14-010)
According to its self-reported version number, the remote web server is hosting a version of Symantec Web Gateway prior to version 5.2.1. It is, therefore, affected by the following vulnerabilities : - A remote command execution flaw exists with the 'SNMPConfig.php' where user input is not proper...
CVE-2014-1652
Symantec Web Gateway (SWG) management console prior to 5.2 is affected by CVE-2014-1652: multiple cross-site scripting vulnerabilities allow remote authenticated users to inject script via unspecified report parameters (e.g., entSummary.php, custom_report.php, host_spy_report.php, repairedclients...
Symantec Web Gateway Security Issues
SUMMARY Symantec Web Gateway SWG 5.2 Appliance management console is susceptible to security issues. Successful exploitation could result in unauthorized command execution on or access to the management console. There is also potential for unauthorized backend database manipulation. AFFECTED...