Lucene search

Im Manager Security Vulnerabilities

cve

CVE-2009-3036

Cross-site scripting (XSS) vulnerability in the console in Symantec IM Manager 8.3 and 8.4 before 8.4.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

5.7AI Score

0.025EPSS

2010-02-23 08:30 PM

cve

CVE-2010-0112

Multiple SQL injection vulnerabilities in the Administrative Interface in the IIS extension in Symantec IM Manager before 8.4.16 allow remote attackers to execute arbitrary SQL commands via (1) the rdReport parameter to rdpageimlogic.aspx, related to the sGetDefinition function in rdServer.dll, and...

8.4AI Score

0.965EPSS

2010-10-28 08:00 PM

cve

CVE-2010-3719

Eval injection vulnerability in IMAdminSchedTask.asp in the administrative interface for Symantec IM Manager 8.4.16 and earlier allows remote attackers to execute arbitrary code via unspecified parameters to the ScheduleTask method.

8.1AI Score

0.014EPSS

2011-02-02 01:00 AM

cve

CVE-2011-0552

Multiple cross-site scripting (XSS) vulnerabilities in the management console in Symantec IM Manager before 8.4.18 allow remote attackers to inject arbitrary web script or HTML via the (1) refreshRateSetting parameter to IMManager/Admin/IMAdminSystemDashboard.asp, the (2) nav or (3) menuitem parame...

5.7AI Score

0.155EPSS

2011-10-02 02:53 AM

cve

CVE-2011-0553

SQL injection vulnerability in the management console in Symantec IM Manager before 8.4.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

8.3AI Score

0.046EPSS

2011-10-02 02:53 AM

cve

CVE-2011-0554

The management console in Symantec IM Manager before 8.4.18 allows remote attackers to execute arbitrary code via unspecified vectors, related to a "code injection issue."

7.9AI Score

0.935EPSS

2011-10-02 02:53 AM

129