Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

web gateway vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2011-0549
SQL injection vulnerability in forget.php in the management GUI in Symantec Web Gateway 4.5.x allows remote attackers to execute arbitrary SQL commands via the username parameter....
Symantec Web Gateway 4.5Symantec Web Gateway 4.5.0.326Symantec Web Gateway 4.5.1.34Symantec Web Gateway 4.5.1.44Symantec Web Gateway 4.5.2.37Symantec Web Gateway 4.5.2.65Symantec Web Gateway 4.5.2.72Symantec Web Gateway 4.5.3.38Symantec Web Gateway 4.5.4.9
NA
CVE-2012-2957
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows local users to gain privileges by modifying files, related to a "file inclusion" issue....
Symantec Web Gateway 5.0Symantec Web Gateway 5.0.1Symantec Web Gateway 5.0.2Symantec Web Gateway 5.0.3
NA
CVE-2012-2976
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary shell commands via crafted input to application scripts, related to an "injection" issue....
Symantec Web Gateway 5.0Symantec Web Gateway 5.0.1Symantec Web Gateway 5.0.2Symantec Web Gateway 5.0.3
NA
CVE-2012-2961
SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors....
Symantec Web Gateway 5.0Symantec Web Gateway 5.0.1Symantec Web Gateway 5.0.2Symantec Web Gateway 5.0.3
NA
CVE-2012-0296
Multiple cross-site scripting (XSS) vulnerabilities in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors....
Symantec Web Gateway 5.0Symantec Web Gateway 5.0.1Symantec Web Gateway 5.0.2
NA
CVE-2012-2574
SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to a "blind SQL injection" issue....
Symantec Web Gateway 5.0Symantec Web Gateway 5.0.1Symantec Web Gateway 5.0.2Symantec Web Gateway 5.0.3
NA
CVE-2012-2953
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary commands via crafted input to application scripts....
Symantec Web Gateway 5.0Symantec Web Gateway 5.0.1Symantec Web Gateway 5.0.2Symantec Web Gateway 5.0.3
NA
CVE-2012-2977
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to change arbitrary passwords via crafted input to an application script....
Symantec Web Gateway 5.0Symantec Web Gateway 5.0.1Symantec Web Gateway 5.0.2Symantec Web Gateway 5.0.3
NA
CVE-2012-0298
The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to (1) read or (2) delete arbitrary files via unspecified vectors....
Symantec Web Gateway 5.0Symantec Web Gateway 5.0.1Symantec Web Gateway 5.0.2
NA
CVE-2012-0299
The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to upload arbitrary code to a designated pathname, and possibly execute this code, via unspecified vectors....
Symantec Web Gateway 5.0Symantec Web Gateway 5.0.1Symantec Web Gateway 5.0.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-24069remote code executionmass assignmentCVE-2021-1782CVE-2021-23962CVE-2021-24081cross-site scriptingCVE-2021-21973CVE-2021-23972