Cross site scripting

Cross-site scripting XSS vulnerability in index-login.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices allows remote attackers to inject arbitrary web script or HTML via the msg parameter...

CVE-2015-2850

Cross-site scripting XSS vulnerability in index-login.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices allows remote attackers to inject arbitrary web script or HTML via the msg parameter...

CVE-2015-2850

The CVE-2015-2850 issue affects ANTlabs InnGate firmware (IG 3100 and InnGate 3.01 E, 3.10 E, 3.10 M, SG 4, SSG 4). The vulnerability is a Cross-Site Scripting (XSS) in the index-login.ant page, exploitable via the msg parameter. Root cause is improper input handling that allows injected web scri...

CVE-2015-2849

Summary (CVE-2015-2849) : The ANTlabs InnGate firmware (IG3100, InnGate 3.01 E, 3.10 E, 3.10 M, SG 4, SSG 4) contains a SQL injection vulnerability in the main.ant page. The issue arises from the ppli URL parameter; when using HTTPS, a remote attacker can induce arbitrary SQL commands on the unde...

CVE-2015-2849

SQL injection vulnerability in main.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices, when https is used, allows remote attackers to execute arbitrary SQL commands via the ppli parameter...

CVE-2015-0932

The ANTlabs InnGate firmware on IG 3100, IG 3101, InnGate 3.00 E, InnGate 3.01 E, InnGate 3.02 E, InnGate 3.10 E, InnGate 3.01 G, and InnGate 3.10 G devices does not require authentication for rsync sessions, which allows remote attackers to read or write to arbitrary files via TCP traffic on por...