Shodan
Vulnerabilities
Vulnerable Software
Symantec:  >> Web Gateway  >> 5.0.2  Security Vulnerabilities
CVE-2012-2574
SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to a "blind SQL injection" issue.
CVSS Score
7.5
EPSS Score
0.011
Published
2012-07-23
CVE-2012-2953
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary commands via crafted input to application scripts.
CVSS Score
10.0
EPSS Score
0.809
Published
2012-07-23
CVE-2012-2957
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows local users to gain privileges by modifying files, related to a "file inclusion" issue.
CVSS Score
7.2
EPSS Score
0.094
Published
2012-07-23
CVE-2012-2961
SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.012
Published
2012-07-23
CVE-2012-2976
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary shell commands via crafted input to application scripts, related to an "injection" issue.
CVSS Score
10.0
EPSS Score
0.044
Published
2012-07-23
CVE-2012-2977
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to change arbitrary passwords via crafted input to an application script.
CVSS Score
5.0
EPSS Score
0.082
Published
2012-07-23
CVE-2012-0296
Multiple cross-site scripting (XSS) vulnerabilities in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
4.3
EPSS Score
0.006
Published
2012-05-21
CVE-2012-0297
The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to execute arbitrary code by (1) injecting crafted data or (2) including crafted data.
CVSS Score
10.0
EPSS Score
0.895
Published
2012-05-21
CVE-2012-0298
The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to (1) read or (2) delete arbitrary files via unspecified vectors.
CVSS Score
6.4
EPSS Score
0.1
Published
2012-05-21
CVE-2012-0299
The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to upload arbitrary code to a designated pathname, and possibly execute this code, via unspecified vectors.
CVSS Score
10.0
EPSS Score
0.823
Published
2012-05-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved