Lucene search
K

6 matches found

Check Point Advisories
Check Point Advisories
added 2018/11/28 12:0 a.m.2 views

Micro Focus Secure Messaging Gateway SQL Injection (CVE-2018-12464)

A SQL injection vulnerability exists in Micro Focus Secure Messaging Gateway. The vulnerability is due to insufficient validation of user input. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS4.4AI score0.80539EPSS
Exploits5
Packet Storm
Packet Storm
added 2018/07/31 12:0 a.m.43 views

MicroFocus Secure Messaging Gateway Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MicroFocus Secure Messaging Gateway Remote Code Execution", 'Description' = %q This module exploits a SQL injection and command injection...

8.4AI score0.80539EPSS
Exploits5
exploitpack
exploitpack
added 2018/07/24 12:0 a.m.52 views

Micro Focus Secure Messaging Gateway (SMG) 471 - Remote Code Execution (Metasploit)

Micro Focus Secure Messaging Gateway SMG 471 - Remote Code Execution Metasploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MicroFocus Secure Messaging Gateway Remote Code Execution",...

0.80539EPSS
Exploits5
Prion
Prion
added 2018/06/29 4:29 p.m.6 views

Command injection

An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway SMG allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. This can be exploited in conjunction with CVE-2018-12464 to achieve...

9CVSS8.5AI score0.80539EPSS
Exploits5References3Affected Software1
Cvelist
Cvelist
added 2018/06/29 4:0 p.m.22 views

CVE-2018-12464 Unauthenticated SQL injection in Micro Focus Secure Messaging Gateway

A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows an unauthenticated remote attacker to execute arbitrary SQL statements against the database. This can be exploited to create an administrative account and used in...

10CVSS9.7AI score0.80539EPSS
Exploits5References3
CVE
CVE
added 2018/06/29 4:0 p.m.55 views

CVE-2018-12464

CVE-2018-12464 is a SQL injection vulnerability in Micro Focus Secure Messaging Gateway (SMG) affecting the Web administration and quarantine components. It occurs in versions prior to 471 and enables an unauthenticated remote attacker to execute arbitrary SQL statements against the SMG database,...

10CVSS8.9AI score0.80539EPSS
Exploits5References3Affected Software1
Rows per page
Query Builder