Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
SymantecWeb Gateway

10 matches found

CVE
CVEadded 2012/07/23 5:55 p.m.127 views

CVE-2012-2961

SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

7.5CVSS8.4AI score0.01173EPSS
CVE
CVEadded 2012/07/23 5:55 p.m.114 views

CVE-2012-2574

SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to a "blind SQL injection" issue.

7.5CVSS8.4AI score0.01077EPSS
CVE
CVEadded 2013/08/01 1:32 p.m.70 views

CVE-2013-1617

Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors.

7.4CVSS8.1AI score0.01332EPSS
CVE
CVEadded 2013/08/01 1:32 p.m.49 views

CVE-2013-4672

The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 has an incorrect sudoers file, which allows local users to bypass intended access restrictions via a command.

7.2CVSS6.1AI score0.00177EPSS
CVE
CVEadded 2012/07/23 5:55 p.m.44 views

CVE-2012-2957

The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows local users to gain privileges by modifying files, related to a "file inclusion" issue.

7.2CVSS6.4AI score0.09446EPSS
CVE
CVEadded 2011/01/14 11:0 p.m.43 views

CVE-2010-0115

SQL injection vulnerability in login.php in the GUI management console in Symantec Web Gateway 4.5 before 4.5.0.376 allows remote attackers to execute arbitrary SQL commands via the USERNAME parameter.

7.5CVSS8.6AI score0.01126EPSS
CVE
CVEadded 2011/07/11 8:55 p.m.41 views

CVE-2011-0549

SQL injection vulnerability in forget.php in the management GUI in Symantec Web Gateway 4.5.x allows remote attackers to execute arbitrary SQL commands via the username parameter.

7.5CVSS8.5AI score0.011EPSS
CVE
CVEadded 2015/09/20 8:59 p.m.41 views

CVE-2015-5693

The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary commands via vectors related to "traffic capture."

7.9CVSS7.3AI score0.03118EPSS
CVE
CVEadded 2012/08/07 10:55 p.m.33 views

CVE-2012-4178

SQL injection vulnerability in spywall/includes/deptUploads_data.php in Symantec Web Gateway 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via the groupid parameter.

7.5CVSS8.7AI score0.00736EPSS
CVE
CVEadded 2015/09/20 8:59 p.m.29 views

CVE-2015-5692

admin_messages.php in the management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary code by uploading a file with a safe extension and content type, and then leveraging an improper Sudo configuration t...

7.9CVSS7.4AI score0.05789EPSS