Web Gateway

web_gateway

Vendor: Symantec • 35 CVEs

CVEs (35)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2013-1617 1Symantec 3Web Gateway Web Gateway Appliance 8450Web Gateway Appliance 8490 Apr 29, 2026 Aug 1, 2013 N/A· v4 N/A· v3 7.4 HIGH· v2 Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vector...Show more Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors.Show less
CVE-2013-1616 1Symantec 3Web Gateway Web Gateway Appliance 8450Web Gateway Appliance 8490 Apr 29, 2026 Aug 1, 2013 N/A· v4 N/A· v3 8.3 HIGH· v2 The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allows remote attackers to execute arbitrary commands by injecting a command into an application script.
CVE-2012-4178 1Symantec 1Web Gateway Apr 29, 2026 Aug 7, 2012 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in spywall/includes/deptUploads_data.php in Symantec Web Gateway 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via the groupid parameter.
CVE-2012-2977 1Symantec 1Web Gateway Apr 29, 2026 Jul 23, 2012 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to change arbitrary passwords via crafted input to an application script.
CVE-2012-2976 1Symantec 1Web Gateway Apr 29, 2026 Jul 23, 2012 N/A· v4 N/A· v3 10.0 HIGH· v2 The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary shell commands via crafted input to application scripts, related to an "injection" issue.
CVE-2012-2961 1Symantec 1Web Gateway Apr 29, 2026 Jul 23, 2012 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2012-2957 1Symantec 1Web Gateway Apr 29, 2026 Jul 23, 2012 N/A· v4 N/A· v3 7.2 HIGH· v2 The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows local users to gain privileges by modifying files, related to a "file inclusion" issue.
CVE-2012-2953 1Symantec 1Web Gateway Apr 29, 2026 Jul 23, 2012 N/A· v4 N/A· v3 10.0 HIGH· v2 The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary commands via crafted input to application scripts.
CVE-2012-2574 1Symantec 1Web Gateway Apr 29, 2026 Jul 23, 2012 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to a "blind SQL injection" is...Show more SQL injection vulnerability in the management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to a "blind SQL injection" issue.Show less
CVE-2012-0299 1Symantec 1Web Gateway Apr 29, 2026 May 21, 2012 N/A· v4 N/A· v3 10.0 HIGH· v2 The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to upload arbitrary code to a designated pathname, and possibly execute this code, via unspecified vecto...Show more The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to upload arbitrary code to a designated pathname, and possibly execute this code, via unspecified vectors.Show less
CVE-2012-0298 1Symantec 1Web Gateway Apr 29, 2026 May 21, 2012 N/A· v4 N/A· v3 6.4 MEDIUM· v2 The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to (1) read or (2) delete arbitrary files via unspecified vectors.
CVE-2012-0297 1Symantec 1Web Gateway Apr 29, 2026 May 21, 2012 N/A· v4 N/A· v3 10.0 HIGH· v2 The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to execute arbitrary code by (1) injecting crafted data or (2) includi...Show more The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to execute arbitrary code by (1) injecting crafted data or (2) including crafted data.Show less
CVE-2012-0296 1Symantec 1Web Gateway Apr 29, 2026 May 21, 2012 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2011-0549 1Symantec 1Web Gateway Apr 29, 2026 Jul 11, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in forget.php in the management GUI in Symantec Web Gateway 4.5.x allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVE-2010-0115 1Symantec 1Web Gateway Apr 29, 2026 Jan 14, 2011 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in login.php in the GUI management console in Symantec Web Gateway 4.5 before 4.5.0.376 allows remote attackers to execute arbitrary SQL commands via the USERNAME parameter.

Previous 12