2 matches found
Symantec SDCS:SA / SCSP XSS / Bypass / SQL Injection / Disclosure
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple critical vulnerabilities products: Symantec Data Center Security: Server Advanced SDCS:SA Symantec Critical System Protection SCSP vulnerable version: see:...
CVE-2014-7289
CVE-2014-7289 is a SQL injection vulnerability in the management server of Symantec Data Center Security: Server Advanced (SDCS:SA) and Symantec Critical System Protection (SCSP). Affected versions include SCSP 5.2.9 before MP6 and SDCS:SA 6.0.x before 6.0 MP1, with exploitation via the /sis-ui/a...