15 matches found
EUVD-2018-9324
Malware in sbrugna...
Malicious code in swa-persistence (npm)
The package swa-persistence was found to contain malicious code...
MAL-2025-34264 Malicious code in swa-persistence (npm)
The package swa-persistence was found to contain malicious code...
CVE-2018-17575
SWA SWA.JACAD 3.1.37 Build 024 has SQL Injection via the /academico/aluno/esqueci-minha-senha/ studentId parameter...
CVE-2018-17575
CVE-2018-17575 affects SWA.JACAD 3.1.37 Build 024. The SQL injection vulnerability occurs in the /academico/aluno/esqueci-minha-senha/ page via the studentId parameter. Based on CNVD/CVE listings, a remote attacker can exploit this to execute arbitrary SQL commands. The provided documents do not ...
CVE-2017-6183
In Sophos Web Appliance (SWA) versions prior to 4.3.1.2, CVE-2017-6183 describes a remote command injection vulnerability in the configuration utilities used for adding/detecting Active Directory servers. The issue arises from improper sanitization of input when managing AD-related settings, enab...
CVE-2017-6184
In Sophos Web Appliance (SWA) versions before 4.3.1.2, the reports-generation interface is vulnerable to remote command injection through the token parameter (aka NSWA-1303). The root cause is improper input handling/sanitization in the reporting path, allowing an authenticated or network-exposed...
CVE-2017-6182
Affected product: Sophos Web Appliance (SWA) prior to version 4.3.1.2. Vulnerability: Remote command injection in the reporting UI, via functions related to report generation (NSWA-1304). Impact: Unauthenticated/remote attacker could inject commands through the reporting component; severity is...
CVE-2017-6412
CVE-2017-6412 affects Sophos Web Appliance (SWA) versions before 4.3.1.2, with a Session Fixation vulnerability (NSWA-1310) that can lead to session hijacking. Public references indicate exploitation in 4.3.1.1 and the issue being addressed in the SWA 4.3.1.2 release notes. The CVE entry and mult...
Sophos Web Appliance 4.2.1.3 - Remote Code Execution
KL-001-2016-009 : Sophos Web Appliance Remote Code Execution Title: Sophos Web Appliance Remote Code Execution Advisory ID: KL-001-2016-009 Publication Date: 2016.11.03 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2016-009.txt 1. Vulnerability Details Affected Vendor:...
Sophos Web Appliance 4.2.1.3 Remote Code Execution Vulnerability
Exploit for php platform in category web applications Title: Sophos Web Appliance Remote Code Execution Advisory ID: KL-001-2016-009 Publication Date: 2016.11.03 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2016-009.txt 1. Vulnerability Details Affected Vendor: Sophos...
Sophos Web Appliance Remote Code Execution
Vulnerability Details Affected Vendor: Sophos Affected Product: Web Appliance Affected Version: v4.2.1.3 Platform: Embedded Linux CWE Classification: CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection', CWE-88: Argument Injection or Modification...
swa FahrInfo - Customized SSL, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application swa FahrInfo published at the 'play' market has multiple vulnerabilities...
[security bulletin] HPSBUX02653 SSRT100310 rev.1 - HP-UX Running NFS/ONCplus, Remote Denial of Service (DoS)
SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02777287 Version: 1 HPSBUX02653 SSRT100310 rev.1 - HP-UX Running NFS/ONCplus, Remote Denial of Service DoS NOTICE: The information in this Security Bulletin should be acted upon as soon as...
[security bulletin] HPSBMA02390 SSRT071481 rev.1 - HP OpenView Performance Agent, HP Performance Agent, Remote Denial of Service (DoS)
SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01621724 Version: 1 HPSBMA02390 SSRT071481 rev.1 - HP OpenView Performance Agent, HP Performance Agent, Remote Denial of Service DoS NOTICE: The information in this Security Bulletin should be...