4 matches found
CVE-2014-9605
WebUpgrade in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and create a system backup tarball, restart the server, or stop the filters on the server via a ' single quote character in the login and password parameters to...
CVE-2014-9605
CVE-2014-9605 concerns Netsweeper WebUpgrade where insufficient filtering of the login/password inputs (single quote) allows remote attackers to bypass authentication in Netsweeper versions before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2. Successful bypass enables actions such as creati...
Netsweeper Multiple Vulnerabilities (Aug 2015)
Netsweeper is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:netsweeper:netsweeper";...
Netsweeper 4.0.8 - SQL Injection Authentication Bypass
Netsweeper 4.0.8 - SQL Injection Authentication Bypass +----------------------------------------------------------------+ + Netsweeper 4.0.8 - SQL Injection Authentication Bypass Admin + +----------------------------------------------------------------+ Affected Product: Netsweeper Vendor Homepag...