CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2644 – Netentsec NS-ASG Application Security Gateway addfirewall.php sql injection
https://notcve.org/view.php?id=CVE-2024-2644
19 Mar 2024 — A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been rated as critical. Affected by this issue is some unknown functionality of the file /protocol/firewall/addfirewall.php. The manipulation of the argument FireWallTableArray leads to sql injection. The attack may be launched remotely. • https://github.com/hundanchen69/cve/blob/main/NS-ASG-sql-laddfirewall.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 1CVE-2024-2330 – Netentsec NS-ASG Application Security Gateway index.php sql injection
https://notcve.org/view.php?id=CVE-2024-2330
09 Mar 2024 — A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been classified as critical. This affects an unknown part of the file /protocol/index.php. The manipulation of the argument IPAddr leads to sql injection. It is possible to initiate the attack remotely. • https://github.com/jikedaodao/cve/blob/main/NS-ASG-sql-addmacbind.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2329 – Netentsec NS-ASG Application Security Gateway sql injection
https://notcve.org/view.php?id=CVE-2024-2329
09 Mar 2024 — A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/list_resource_icon.php?action=delete. The manipulation of the argument IconId leads to sql injection. The attack may be launched remotely. • https://github.com/flyyue2001/cve/blob/main/NS-ASG-sql-list_resource_icon.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2022 – Netentsec NS-ASG Application Security Gateway list_ipAddressPolicy.php sql injection
https://notcve.org/view.php?id=CVE-2024-2022
01 Mar 2024 — A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/list_ipAddressPolicy.php. The manipulation of the argument GroupId leads to sql injection. The attack can be launched remotely. • https://github.com/zouzuo1994321/cve/blob/main/cve.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-2021 – Netentsec NS-ASG Application Security Gateway list_localuser.php sql injection
https://notcve.org/view.php?id=CVE-2024-2021
29 Feb 2024 — A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been classified as critical. Affected is an unknown function of the file /admin/list_localuser.php. The manipulation of the argument ResId leads to sql injection. It is possible to launch the attack remotely. • https://github.com/dtxharry/cve/blob/main/cve.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-7161 – Netentsec NS-ASG Application Security Gateway Login sql injection
https://notcve.org/view.php?id=CVE-2023-7161
29 Dec 2023 — A vulnerability classified as critical has been found in Netentsec NS-ASG Application Security Gateway 6.3.1. This affects an unknown part of the file index.php?para=index of the component Login. The manipulation of the argument check_VirtualSiteId leads to sql injection. It is possible to initiate the attack remotely. • https://github.com/fixitc/cve/blob/main/sql.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-7094 – Netentsec NS-ASG Application Security Gateway nsasg6.0.tgz information disclosure
https://notcve.org/view.php?id=CVE-2023-7094
25 Dec 2023 — A vulnerability classified as problematic was found in Netentsec NS-ASG Application Security Gateway 6.3. Affected by this vulnerability is an unknown functionality of the file /protocol/nsasg6.0.tgz. The manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://vuldb.com/?ctiid.248941 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-6903 – Netentsec NS-ASG Application Security Gateway sql injection
https://notcve.org/view.php?id=CVE-2023-6903
17 Dec 2023 — A vulnerability classified as critical has been found in Netentsec NS-ASG Application Security Gateway 6.3.1. This affects an unknown part of the file /admin/singlelogin.php?submit=1. The manipulation of the argument loginId leads to sql injection. It is possible to initiate the attack remotely. • https://github.com/willchen0011/cve/blob/main/NS-ASG-sql.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5826 – Netentsec NS-ASG Application Security Gateway list_onlineuser.php sql injection
https://notcve.org/view.php?id=CVE-2023-5826
27 Oct 2023 — A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/list_onlineuser.php. The manipulation of the argument SessionId leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-243716. • https://github.com/Cubi123123123/cve/blob/main/NS-ASG-sql-list_onlineuser.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5785 – Netentsec NS-ASG Application Security Gateway addaddress_interpret.php sql injection
https://notcve.org/view.php?id=CVE-2023-5785
26 Oct 2023 — A vulnerability was found in Netentsec NS-ASG Application Security Gateway 6.3. It has been classified as critical. This affects an unknown part of the file /protocol/firewall/addaddress_interpret.php. The manipulation of the argument messagecontent leads to sql injection. The exploit has been disclosed to the public and may be used. • https://github.com/ggg48966/cve/blob/main/NS-ASG-sql-addaddress_interpret.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •