Sql injection

SQL injection vulnerability in the device registration component in wsf/webservice.php in CoSoSys Endpoint Protector 4 4.3.0.4 and 4.4.0.2 allows remote attackers to execute arbitrary SQL commands via unspecified parameters...

CVE-2014-3932

SQL injection vulnerability in the device registration component in wsf/webservice.php in CoSoSys Endpoint Protector 4 4.3.0.4 and 4.4.0.2 allows remote attackers to execute arbitrary SQL commands via unspecified parameters...

CoSoSys Endpoint Protector 4 SQL Injection / Backdoor

CoSoSys Endpoint Protector 4 suffers from remote SQL injection, unauthenticated access, information disclosure, and backdoor vulnerabilities. title: Multiple vulnerabilities product: CoSoSys Endpoint Protector 4 vulnerable version: all - except issue 1 fixed version: none - except issue 1 impact:...

CoSoSys Endpoint Protector 4 SQL Injection / Backdoor

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: CoSoSys Endpoint Protector 4 vulnerable version: all - except issue 1 fixed version: none ...

CVE-2012-2994

The CoSoSys Endpoint Protector 4 appliance establishes an EPProot password based entirely on the appliance serial number, which makes it easier for remote attackers to obtain access via a brute-force attack...

CoSoSys Endpoint Protector 4 appliance contains a predictable password for root-equivalent account vulnerability

Overview CoSoSys Endpoint Protector 4 appliance contains a predictable password for root-equivalent accounts. Description According to the CoSoSys's website the Endpoint Protector 4 appliance is a DLP product used to prevent users from taking unauthorized data outside the company or bringing...