CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 3CVE-2012-4178 – Symantec Web Gateway 5.0.3.18 - 'deptUploads_data.php?groupid' Blind SQL Injection
https://notcve.org/view.php?id=CVE-2012-4178
SQL injection vulnerability in spywall/includes/deptUploads_data.php in Symantec Web Gateway 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via the groupid parameter. Vulnerabilidad de inyección SQL en sywall/includes/deptUploads_data.php en Symantec Web Gateway v5.0.3.18 que permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro groupid. • https://www.exploit-db.com/exploits/20123 http://www.exploit-db.com/exploits/20123 http://www.securityfocus.com/bid/54721 http://www.securitytracker.com/id?1027358 https://exchange.xforce.ibmcloud.com/vulnerabilities/77264 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •