symantec web gateway 5.0.3.18 vulnerabilities and exploits

(subscribe to this query)

7.5

CVSSv2

SQL injection vulnerability in spywall/includes/deptUploads_data.php in Symantec Web Gateway 5.0.3.18 allows remote malicious users to execute arbitrary SQL commands via the groupid parameter.

Symantec Web Gateway 5.0.3.18

1 EDB exploit

5

CVSSv2

The management console in Symantec Web Gateway 5.0.x prior to 5.0.3.18 allows remote malicious users to change arbitrary passwords via crafted input to an application script.

Symantec Web Gateway 5.0 Symantec Web Gateway 5.0.2 Symantec Web Gateway 5.0.3 Symantec Web Gateway 5.0.1

2 EDB exploits

7.2

CVSSv2

The management console in Symantec Web Gateway 5.0.x prior to 5.0.3.18 allows local users to gain privileges by modifying files, related to a "file inclusion" issue.

Symantec Web Gateway 5.0 Symantec Web Gateway 5.0.2 Symantec Web Gateway 5.0.3 Symantec Web Gateway 5.0.1

1 EDB exploit

7.5

CVSSv2

SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x prior to 5.0.3.18 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.

Symantec Web Gateway 5.0.2 Symantec Web Gateway 5.0.3 Symantec Web Gateway 5.0.1 Symantec Web Gateway 5.0

1 EDB exploit

10

CVSSv2

The management console in Symantec Web Gateway 5.0.x prior to 5.0.3.18 allows remote malicious users to execute arbitrary commands via crafted input to application scripts.

Symantec Web Gateway 5.0.1 Symantec Web Gateway 5.0 Symantec Web Gateway 5.0.2 Symantec Web Gateway 5.0.3

2 EDB exploits

10

CVSSv2

The management console in Symantec Web Gateway 5.0.x prior to 5.0.3.18 allows remote malicious users to execute arbitrary shell commands via crafted input to application scripts, related to an "injection" issue.

Symantec Web Gateway 5.0.3 Symantec Web Gateway 5.0.1 Symantec Web Gateway 5.0 Symantec Web Gateway 5.0.2

7.5

CVSSv2

SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x prior to 5.0.3.18 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors, related to a "blind SQL injection" issue.

Symantec Web Gateway 5.0.2 Symantec Web Gateway 5.0.3 Symantec Web Gateway 5.0.1 Symantec Web Gateway 5.0

1 EDB exploit

8.3

CVSSv2

The management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 allows remote malicious users to execute arbitrary commands by injecting a command into an application script.

Symantec Web Gateway 5.0.1 Symantec Web Gateway 5.0.2 Symantec Web Gateway 5.0.3 Symantec Web Gateway 5.0.3.18 Symantec Web Gateway Symantec Web Gateway 5.0 Symantec Web Gateway Appliance 8450 -Symantec Web Gateway Appliance 8490 -

1 EDB exploit

4.3

CVSSv2

Multiple cross-site scripting (XSS) vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.

Symantec Web Gateway 5.0.3.18 Symantec Web Gateway Symantec Web Gateway 5.0 Symantec Web Gateway 5.0.1 Symantec Web Gateway 5.0.2 Symantec Web Gateway 5.0.3 Symantec Web Gateway Appliance 8450 -Symantec Web Gateway Appliance 8490 -

6

CVSSv2

Cross-site request forgery (CSRF) vulnerability in the management console on the Symantec Web Gateway (SWG) appliance prior to 5.1.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.

Symantec Web Gateway 5.0.1 Symantec Web Gateway 5.0.2 Symantec Web Gateway 5.0.3 Symantec Web Gateway 5.0.3.18 Symantec Web Gateway Symantec Web Gateway 5.0 Symantec Web Gateway Appliance 8450 -Symantec Web Gateway Appliance 8490 -

Get Started

1 2 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook