CVSS: 10.0EPSS: 96%CPEs: 3EXPL: 1CVE-2012-0299 – Symantec Web Gateway upload_file Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0299
The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to upload arbitrary code to a designated pathname, and possibly execute this code, via unspecified vectors. Los programas de gestión de ficheros en el GUI en Symantec Web Gateway v5.0.x anteriores a v5.0.3 permite a atacantes remotos subir código a un path concreto, y posiblemente ejecutar este código, a través de vectores no determinados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Web Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists because Symantec Web Gateway allows unauthenticated users to upload a file while preserving the file extension. This allows users to upload additional script files that can be used to execute remote code from user supplied commands under the context of the webserver. • https://www.exploit-db.com/exploits/19038 http://www.securityfocus.com/bid/53443 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120517_00 https://exchange.xforce.ibmcloud.com/vulnerabilities/75730 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 2%CPEs: 9EXPL: 0CVE-2011-0549 – Symantec Web Gateway forget.php SQL Injection Vulnerability
https://notcve.org/view.php?id=CVE-2011-0549
SQL injection vulnerability in forget.php in the management GUI in Symantec Web Gateway 4.5.x allows remote attackers to execute arbitrary SQL commands via the username parameter. Vulnerabilidad de inyección SQL en forget.php en la administración de Symantec Web Gateway v4.5.x, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro username. This vulnerability allows remote attackers to inject arbitrary SQL on vulnerable installations of the Symantec Web Gateway appliance. Authentication is not required to exploit this vulnerability. The specific flaw exists within the username parameter of POST requests to the forget.php script. The parameter is not sanitized and a remote attacker can abuse this to inject arbitrary SQL into the underlying database. • http://secunia.com/advisories/45146 http://securitytracker.com/id?1025753 http://www.securityfocus.com/bid/48318 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110707_00 http://www.zerodayinitiative.com/advisories/ZDI-11-233 https://exchange.xforce.ibmcloud.com/vulnerabilities/68428 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 10.0EPSS: 1%CPEs: 5EXPL: 0CVE-2010-0115 – Symantec Web Gateway Management Interface USERNAME Blind SQL Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0115
SQL injection vulnerability in login.php in the GUI management console in Symantec Web Gateway 4.5 before 4.5.0.376 allows remote attackers to execute arbitrary SQL commands via the USERNAME parameter. Una vulnerabilidad de inyección SQL en login.php en la GUI de administración de la consola de Symantec Web Gateway 4.5 antes de v4.5.0.376 permite a atacantes remotos ejecutar comandos SQL a través del parámetro USERNAME. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Web Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists within the management interface which listens by default on TCP port 443. While parsing requests sent to the login.php page, the process does not properly sanitize the USERNAME POST parameter. • http://osvdb.org/70415 http://secunia.com/advisories/42878 http://www.securityfocus.com/bid/45742 http://www.securitytracker.com/id?1024958 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110112_00 http://www.vupen.com/english/advisories/2011/0088 http://www.zerodayinitiative.com/advisories/ZDI-11-013 https://exchange.xforce.ibmcloud.com/vulnerabilities/64658 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •