CVE-2011-0549

SQL injection vulnerability in forget.php in the management GUI in Symantec Web Gateway 4.5.x allows remote attackers to execute arbitrary SQL commands via the username parameter.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:symantec:web_gateway:4.5:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_gateway:4.5.0.326:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_gateway:4.5.1.34:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_gateway:4.5.1.44:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_gateway:4.5.2.37:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_gateway:4.5.2.65:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_gateway:4.5.2.72:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_gateway:4.5.3.38:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_gateway:4.5.4.9:*:*:*:*:*:*:*

History

No history.

Information

Published : 2011-07-11 20:55

Updated : 2024-02-28 11:41


NVD link : CVE-2011-0549

Mitre link : CVE-2011-0549

CVE.ORG link : CVE-2011-0549


JSON object : View

Products Affected

symantec

  • web_gateway
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')