CVE-2011-0549 – Symantec Web Gateway forget.php SQL Injection Vulnerability
https://notcve.org/view.php?id=CVE-2011-0549
SQL injection vulnerability in forget.php in the management GUI in Symantec Web Gateway 4.5.x allows remote attackers to execute arbitrary SQL commands via the username parameter. Vulnerabilidad de inyección SQL en forget.php en la administración de Symantec Web Gateway v4.5.x, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro username. This vulnerability allows remote attackers to inject arbitrary SQL on vulnerable installations of the Symantec Web Gateway appliance. Authentication is not required to exploit this vulnerability. The specific flaw exists within the username parameter of POST requests to the forget.php script. The parameter is not sanitized and a remote attacker can abuse this to inject arbitrary SQL into the underlying database. • http://secunia.com/advisories/45146 http://securitytracker.com/id?1025753 http://www.securityfocus.com/bid/48318 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110707_00 http://www.zerodayinitiative.com/advisories/ZDI-11-233 https://exchange.xforce.ibmcloud.com/vulnerabilities/68428 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2010-0115 – Symantec Web Gateway Management Interface USERNAME Blind SQL Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0115
SQL injection vulnerability in login.php in the GUI management console in Symantec Web Gateway 4.5 before 4.5.0.376 allows remote attackers to execute arbitrary SQL commands via the USERNAME parameter. Una vulnerabilidad de inyección SQL en login.php en la GUI de administración de la consola de Symantec Web Gateway 4.5 antes de v4.5.0.376 permite a atacantes remotos ejecutar comandos SQL a través del parámetro USERNAME. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Web Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists within the management interface which listens by default on TCP port 443. While parsing requests sent to the login.php page, the process does not properly sanitize the USERNAME POST parameter. • http://osvdb.org/70415 http://secunia.com/advisories/42878 http://www.securityfocus.com/bid/45742 http://www.securitytracker.com/id?1024958 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110112_00 http://www.vupen.com/english/advisories/2011/0088 http://www.zerodayinitiative.com/advisories/ZDI-11-013 https://exchange.xforce.ibmcloud.com/vulnerabilities/64658 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •