3 results (0.004 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filter bypass. Imperva SecureSphere Web Application Firewall (WAF) antes del 12 de agosto de 2010, permite omitir el filtro de inyección SQL. • http://seclists.org/fulldisclosure/2011/May/163 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0

Cross-site scripting (XSS) vulnerability in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall 6.2, 7.x, and 8.x allows remote attackers to inject arbitrary web script or HTML via an HTTP request to a firewalled server, aka Bug ID 31759. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el GUI de control de MX Management Server en Imperva SecureSphere Web Application Firewall v6.2, 7.x, y 8.x , permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de una petición HTTP a un servidor filtrado, cambien conocido como Bug ID 31759. • http://secunia.com/advisories/44772 http://www.imperva.com/resources/adc/adc_advisories_response_secureworks.html http://www.kb.cert.org/vuls/id/567774 http://www.secureworks.com/research/advisories/SWRX-2011-001 https://exchange.xforce.ibmcloud.com/vulnerabilities/67779 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0

Imperva SecureSphere Web Application Firewall and Database Firewall 5.0.0.5082 through 7.0.0.7078 allow remote attackers to bypass intrusion-prevention functionality via a request that has an appended long string containing an unspecified manipulation. Imperva SecureSphere Web Application Firewall y Database Firewall v5.0.0.5082 a la v7.0.0.7078, permite a atacantes remotos evitar la funcionalidad de prevención frente a intrusiones mediante un petición que tiene añadida una cadena larga manipulada de un modo no especificada. • http://www.clearskies.net/documents/css-advisory-css1001-imperva.php http://www.imperva.com/resources/adc/adc_advisories_response_clearskies.html http://www.securityfocus.com/archive/1/510709/100/0/threaded http://www.securityfocus.com/bid/39472 •