9 matches found
CVE-2016-8025
SQL injection vulnerability in Intel Security VirusScan Enterprise Linux VSEL 2.0.3 and earlier allows remote authenticated users to obtain product information via a crafted HTTP request parameter...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Intel Security VirusScan Enterprise Linux VSEL 2.0.3 and earlier allows authenticated remote attackers to execute unauthorized commands via a crafted user input...
Sql injection
SQL injection vulnerability in Intel Security VirusScan Enterprise Linux VSEL 2.0.3 and earlier allows remote authenticated users to obtain product information via a crafted HTTP request parameter...
CVE-2016-8018
Cross-site request forgery CSRF vulnerability in Intel Security VirusScan Enterprise Linux VSEL 2.0.3 and earlier allows authenticated remote attackers to execute unauthorized commands via a crafted user input...
CVE-2016-8022
CVE-2016-8022 affects McAfee VirusScan Enterprise for Linux (VSEL) 2.0.3 and earlier. The vulnerability enables authentication bypass via the web interface by manipulating authentication cookies; an unauthenticated remote attacker could bypass login and potentially execute code or cause a denial ...
CVE-2016-8016
Information exposure in Intel Security VirusScan Enterprise Linux VSEL 2.0.3 and earlier allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter...
CVE-2016-8019
CVE-2016-8019 is an XSS vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 and earlier. The issue affects the web interface where user input passed through tplt parameters (notably info:7/info:5 in NailsConfig.html or MonitorHost.html) can be crafted by an unauthenticated rem...
CVE-2016-8021
CVE-2016-8021 affects McAfee VirusScan Enterprise for Linux (VSEL) 2.0.3 and earlier. The vulnerability is in the web interface’s verification of cryptographic signatures, allowing a remote authenticated attacker to spoof the update server and execute arbitrary code via a crafted input file. Impa...
CVE-2016-8024
Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux VSEL 2.0.3 and earlier allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing...