Symantec : Security Vulnerabilities, CVEs, Published In 2015 (Sql injection)

CVE-2015-6548

Multiple SQL injection vulnerabilities in a PHP script in the management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
5.8
EPSS Score
0.12%
Published
2015-09-20
Updated
2016-12-22

CVE-2015-1491

SQL injection vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
6.0
EPSS Score
0.12%
Published
2015-08-01
Updated
2017-09-21

CVE-2014-9229

Multiple SQL injection vulnerabilities in interface PHP scripts in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow remote authenticated users to execute arbitrary SQL commands by leveraging the Limited Administrator role.
Max CVSS
6.5
EPSS Score
0.12%
Published
2015-09-20
Updated
2017-09-23

CVE-2014-7289

SQL injection vulnerability in the management server in Symantec Critical System Protection (SCSP) 5.2.9 before MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x before 6.0 MP1 allows remote authenticated users to execute arbitrary SQL commands via a crafted HTTP request.
Max CVSS
6.5
EPSS Score
0.25%
Published
2015-01-21
Updated
2021-08-04
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close