CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2023-7161 – Netentsec NS-ASG Application Security Gateway Login sql injection
https://notcve.org/view.php?id=CVE-2023-7161
29 Dec 2023 — A vulnerability classified as critical has been found in Netentsec NS-ASG Application Security Gateway 6.3.1. This affects an unknown part of the file index.php?para=index of the component Login. The manipulation of the argument check_VirtualSiteId leads to sql injection. It is possible to initiate the attack remotely. • https://github.com/fixitc/cve/blob/main/sql.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-6903 – Netentsec NS-ASG Application Security Gateway sql injection
https://notcve.org/view.php?id=CVE-2023-6903
17 Dec 2023 — A vulnerability classified as critical has been found in Netentsec NS-ASG Application Security Gateway 6.3.1. This affects an unknown part of the file /admin/singlelogin.php?submit=1. The manipulation of the argument loginId leads to sql injection. It is possible to initiate the attack remotely. • https://github.com/willchen0011/cve/blob/main/NS-ASG-sql.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •