Sophos Web_appliance_firmware
6 CVEs affecting Sophos Web_appliance_firmware. Latest disclosed: 2014-04-11. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2014-2850 | | 2014-04-11 | The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrators to execute arbitrary commands via she… | |
CVE-2014-2849 | | 2014-04-11 | The Change Password dialog box (change_password) in Sophos Web Appliance before 3.8.2 allows remote authenticated users to change the admin user password via a… | |
CVE-2013-2643 | | 2014-03-18 | Multiple cross-site scripting (XSS) vulnerabilities in Sophos Web Appliance before 3.7.8.2 allow remote attackers to inject arbitrary web script or HTML via th… | |
CVE-2013-2642 | | 2014-03-18 | Sophos Web Appliance before 3.7.8.2 allows (1) remote attackers to execute arbitrary commands via shell metacharacters in the client-ip parameter to the Block… | |
CVE-2013-2641 | | 2014-03-18 | Directory traversal vulnerability in patience.cgi in Sophos Web Appliance before 3.7.8.2 allows remote attackers to read arbitrary files via the id parameter. | |
CVE-2013-4983 | | 2013-09-10 | The get_referers function in /opt/ws/bin/sblistpack in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows remote attackers to execute arbitrary… |