2 matches found
Imperva SecureSphere PWS Command Injection
This module exploits a command injection vulnerability in Imperva SecureSphere 13.x. The vulnerability exists in the PWS service, where Python CGIs didn't properly sanitize user supplied command parameters and directly passes them to corresponding CLI utility, leading to command injection. Agent...
Imperva SecureSphere 13 - Remote Command Execution
Title: Imperva SecureSphere 13 - Remote Command Execution Author: rsp3ar Date: 2018-10-08 Vendor: https://www.imperva.com/products/securesphere/ CVE: N/A Version: 13.0.10, 13.1.10, 13.2.10 Tested on: SecureSphere Virtual Appliance Description PWS is a component in SecureSphere v13, which consists...