14 matches found
EUVD-2021-15616
Malware in sbrugna...
CVE-2020-25034
eMPS prior to eMPS 9.0 FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the sort, sortby, searchURL, or searchattachment parameter to the email search feature...
CVE-2021-28969
eMPS 9.0.1.923211 on FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the sortby parameter to the email search feature. According to the vendor, the issue is fixed in 9.0.3. NOTE: this is different from CVE-2020-25034 and affects newer versions of the...
CVE-2021-28970
eMPS 9.0.1.923211 on the Central Management of FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the jobid parameter to the email search feature. According to the vendor, the issue is fixed in 9.0.3...
Sql injection
eMPS 9.0.1.923211 on FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the sortby parameter to the email search feature. According to the vendor, the issue is fixed in 9.0.3. NOTE: this is different from CVE-2020-25034 and affects newer versions of the...
Sql injection
eMPS 9.0.1.923211 on the Central Management of FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the jobid parameter to the email search feature. According to the vendor, the issue is fixed in 9.0.3...
CVE-2021-28970
eMPS 9.0.1.923211 on the Central Management of FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the jobid parameter to the email search feature. According to the vendor, the issue is fixed in 9.0.3...
CVE-2021-28970
CVE-2021-28970 concerns eMPS 9.0.1.923211 on the Central Management of FireEye EX 3500 devices. The vulnerability allows a remote authenticated user to perform a SQL injection through the job_id parameter in the email search feature. The underlying impact reported includes partial confidentiality...
CVE-2021-28969
CVE-2021-28969 affects FireEye eMPS 9.0.1.923211 on EX 3500 devices, where remote authenticated users can perform SQL injection through the sort_by parameter in the email search feature. The issue is addressed in version 9.0.3 per the vendor. Connected documents corroborate the vulnerability in e...
CVE-2021-28969
eMPS 9.0.1.923211 on FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the sortby parameter to the email search feature. According to the vendor, the issue is fixed in 9.0.3. NOTE: this is different from CVE-2020-25034 and affects newer versions of the...
CVE-2020-25034
eMPS prior to eMPS 9.0 FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the sort, sortby, searchURL, or searchattachment parameter to the email search feature...
Sql injection
eMPS prior to eMPS 9.0 FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the sort, sortby, searchURL, or searchattachment parameter to the email search feature...
CVE-2020-25034
eMPS prior to eMPS 9.0 FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the sort, sortby, searchURL, or searchattachment parameter to the email search feature...
CVE-2020-25034
CVE-2020-25034 affects eMPS prior to 9.0 on FireEye EX 3500 devices. The issue allows remote authenticated users to perform SQL injection via the email search feature’s parameters (sort, sort_by, search{URL], search[attachment]). The underlying root cause is unsafely constructed SQL in the email ...