Symantec Web Gateway System Command Injection Vulnerability

Symantec Web Gateway is a spam filter that combines anti-spam, anti-virus, advanced content filtering and data leakage protection technologies from Symantec USA. A system command injection vulnerability exists in Symantec Web Gateway version 5.2.2. The code for the vulnerability is located in the...

Symantec Web Gateway 5.0.2.18 pbcontrol.php Command Injection

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

Symantec Web Gateway 5.0.3.18 (deptUploads_data.php) Blind SQL Injection Vulnerability

Exploit for php platform in category web applications !/usr/bin/python @Kc57 Blind SQLi POC Dumps out the first available hash in the users table of spywalldb import urllib import time from time import sleep timing='2.5' checks = 0 def checkchari, pos: global timimg global checks checks += 1 url ...

Symantec Web Gateway 5.0.3.18 - 'deptUploads_data.php?groupid' Blind SQL Injection

!/usr/bin/python @Kc57 Blind SQLi POC Dumps out the first available hash in the users table of spywalldb import urllib import time from time import sleep timing='2.5' checks = 0 def checkchari, pos: global timimg global checks checks += 1 url =...

Symantec Web Gateway 5.0.2.18 pbcontrol.php Command Injection

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Symantec Web...

Symantec Web Gateway 5.0.2.18 pbcontrol.php Command Injection

Exploit for linux platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

Symantec Web Gateway 5.0.2.18 - 'pbcontrol.php' Command Injection (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Symantec Web...

Symantec Web Gateway 5.0.2.18 pbcontrol.php Command Injection

This module exploits a command injection vulnerability found in Symantec Web Gateway's HTTP service. While handling the filename parameter, the Spywall API does not do any filtering before passing it to an exec call in proxyfile, thus results in remote code execution under the context of the web...

Symantec Web Gateway 5.0.2.8 Arbitrary PHP File Upload Vulnerability

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Symantec Web...

Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection

This module exploits a command injection vulnerability found in Symantec Web Gateway's HTTP service due to the insecure usage of the exec function. This module abuses the spywall/ipchange.php file to execute arbitrary OS commands without authentication. This module requires Metasploit:...