Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
8 vulnerabilities found for securesphere_web_application_firewall by imperva
CVE-2011-5266 (GCVE-0-2011-5266)
Vulnerability from cvelistv5 – Published: 2020-01-08 22:43 – Updated: 2024-08-07 00:30
VLAI
Summary
Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filter bypass.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://seclists.org/fulldisclosure/2011/May/163 | x_refsource_MISC |
Date Public
2011-06-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:30:46.932Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2011/May/163"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-06-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filter bypass."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-08T22:43:52.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://seclists.org/fulldisclosure/2011/May/163"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-5266",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filter bypass."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://seclists.org/fulldisclosure/2011/May/163",
"refsource": "MISC",
"url": "http://seclists.org/fulldisclosure/2011/May/163"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-5266",
"datePublished": "2020-01-08T22:43:52.000Z",
"dateReserved": "2013-07-12T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:30:46.932Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4887 (GCVE-0-2011-4887)
Vulnerability from cvelistv5 – Published: 2014-09-11 14:00 – Updated: 2024-08-07 00:16
VLAI
Summary
Cross-site scripting (XSS) vulnerability in the Violations Table in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall (WAF) 9.0 allows remote attackers to inject arbitrary web script or HTML via the username field.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.secureworks.com/cyber-threat-intellige… | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/52064 | vdb-entryx_refsource_BID |
| http://www.imperva.com/Services/adc_advisories_re… | x_refsource_CONFIRM |
| http://osvdb.org/79338 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/48086 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2012-02-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:16:35.130Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2012-002/"
},
{
"name": "securesphere-unspec-xss(73264)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73264"
},
{
"name": "52064",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52064"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.imperva.com/Services/adc_advisories_response_secureworks_CVE_2011_4887"
},
{
"name": "79338",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/79338"
},
{
"name": "48086",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48086"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-02-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Violations Table in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall (WAF) 9.0 allows remote attackers to inject arbitrary web script or HTML via the username field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2012-002/"
},
{
"name": "securesphere-unspec-xss(73264)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73264"
},
{
"name": "52064",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52064"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.imperva.com/Services/adc_advisories_response_secureworks_CVE_2011_4887"
},
{
"name": "79338",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/79338"
},
{
"name": "48086",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48086"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4887",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Violations Table in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall (WAF) 9.0 allows remote attackers to inject arbitrary web script or HTML via the username field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2012-002/",
"refsource": "MISC",
"url": "http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2012-002/"
},
{
"name": "securesphere-unspec-xss(73264)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73264"
},
{
"name": "52064",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52064"
},
{
"name": "http://www.imperva.com/Services/adc_advisories_response_secureworks_CVE_2011_4887",
"refsource": "CONFIRM",
"url": "http://www.imperva.com/Services/adc_advisories_response_secureworks_CVE_2011_4887"
},
{
"name": "79338",
"refsource": "OSVDB",
"url": "http://osvdb.org/79338"
},
{
"name": "48086",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48086"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-4887",
"datePublished": "2014-09-11T14:00:00.000Z",
"dateReserved": "2011-12-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:16:35.130Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-0767 (GCVE-0-2011-0767)
Vulnerability from cvelistv5 – Published: 2011-06-06 19:00 – Updated: 2024-08-06 22:05
VLAI
Summary
Cross-site scripting (XSS) vulnerability in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall 6.2, 7.x, and 8.x allows remote attackers to inject arbitrary web script or HTML via an HTTP request to a firewalled server, aka Bug ID 31759.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/44772 | third-party-advisoryx_refsource_SECUNIA |
| http://www.secureworks.com/research/advisories/SW… | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.kb.cert.org/vuls/id/567774 | third-party-advisoryx_refsource_CERT-VN |
| http://www.imperva.com/resources/adc/adc_advisori… | x_refsource_CONFIRM |
Date Public
2011-05-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:05:53.534Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "44772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44772"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.secureworks.com/research/advisories/SWRX-2011-001/"
},
{
"name": "securesphere-web-server-xss(67779)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67779"
},
{
"name": "VU#567774",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/567774"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.imperva.com/resources/adc/adc_advisories_response_secureworks.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-05-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall 6.2, 7.x, and 8.x allows remote attackers to inject arbitrary web script or HTML via an HTTP request to a firewalled server, aka Bug ID 31759."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "44772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44772"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.secureworks.com/research/advisories/SWRX-2011-001/"
},
{
"name": "securesphere-web-server-xss(67779)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67779"
},
{
"name": "VU#567774",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/567774"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.imperva.com/resources/adc/adc_advisories_response_secureworks.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2011-0767",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall 6.2, 7.x, and 8.x allows remote attackers to inject arbitrary web script or HTML via an HTTP request to a firewalled server, aka Bug ID 31759."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "44772",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44772"
},
{
"name": "http://www.secureworks.com/research/advisories/SWRX-2011-001/",
"refsource": "MISC",
"url": "http://www.secureworks.com/research/advisories/SWRX-2011-001/"
},
{
"name": "securesphere-web-server-xss(67779)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67779"
},
{
"name": "VU#567774",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/567774"
},
{
"name": "http://www.imperva.com/resources/adc/adc_advisories_response_secureworks.html",
"refsource": "CONFIRM",
"url": "http://www.imperva.com/resources/adc/adc_advisories_response_secureworks.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2011-0767",
"datePublished": "2011-06-06T19:00:00.000Z",
"dateReserved": "2011-02-03T00:00:00.000Z",
"dateUpdated": "2024-08-06T22:05:53.534Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1329 (GCVE-0-2010-1329)
Vulnerability from cvelistv5 – Published: 2010-04-15 17:00 – Updated: 2024-08-07 01:21
VLAI
Summary
Imperva SecureSphere Web Application Firewall and Database Firewall 5.0.0.5082 through 7.0.0.7078 allow remote attackers to bypass intrusion-prevention functionality via a request that has an appended long string containing an unspecified manipulation.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.clearskies.net/documents/css-advisory-… | x_refsource_MISC |
| http://www.imperva.com/resources/adc/adc_advisori… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/39472 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/510709/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2010-04-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:21:18.473Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.clearskies.net/documents/css-advisory-css1001-imperva.php"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.imperva.com/resources/adc/adc_advisories_response_clearskies.html"
},
{
"name": "39472",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39472"
},
{
"name": "20100413 Imperva SecureSphere Web Application Firewall and Database Firewall Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/510709/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Imperva SecureSphere Web Application Firewall and Database Firewall 5.0.0.5082 through 7.0.0.7078 allow remote attackers to bypass intrusion-prevention functionality via a request that has an appended long string containing an unspecified manipulation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.clearskies.net/documents/css-advisory-css1001-imperva.php"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.imperva.com/resources/adc/adc_advisories_response_clearskies.html"
},
{
"name": "39472",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39472"
},
{
"name": "20100413 Imperva SecureSphere Web Application Firewall and Database Firewall Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/510709/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1329",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Imperva SecureSphere Web Application Firewall and Database Firewall 5.0.0.5082 through 7.0.0.7078 allow remote attackers to bypass intrusion-prevention functionality via a request that has an appended long string containing an unspecified manipulation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.clearskies.net/documents/css-advisory-css1001-imperva.php",
"refsource": "MISC",
"url": "http://www.clearskies.net/documents/css-advisory-css1001-imperva.php"
},
{
"name": "http://www.imperva.com/resources/adc/adc_advisories_response_clearskies.html",
"refsource": "CONFIRM",
"url": "http://www.imperva.com/resources/adc/adc_advisories_response_clearskies.html"
},
{
"name": "39472",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39472"
},
{
"name": "20100413 Imperva SecureSphere Web Application Firewall and Database Firewall Bypass Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/510709/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1329",
"datePublished": "2010-04-15T17:00:00.000Z",
"dateReserved": "2010-04-08T00:00:00.000Z",
"dateUpdated": "2024-08-07T01:21:18.473Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-5266 (GCVE-0-2011-5266)
Vulnerability from nvd – Published: 2020-01-08 22:43 – Updated: 2024-08-07 00:30
VLAI
Summary
Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filter bypass.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://seclists.org/fulldisclosure/2011/May/163 | x_refsource_MISC |
Date Public
2011-06-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:30:46.932Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2011/May/163"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-06-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filter bypass."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-08T22:43:52.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://seclists.org/fulldisclosure/2011/May/163"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-5266",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filter bypass."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://seclists.org/fulldisclosure/2011/May/163",
"refsource": "MISC",
"url": "http://seclists.org/fulldisclosure/2011/May/163"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-5266",
"datePublished": "2020-01-08T22:43:52.000Z",
"dateReserved": "2013-07-12T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:30:46.932Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4887 (GCVE-0-2011-4887)
Vulnerability from nvd – Published: 2014-09-11 14:00 – Updated: 2024-08-07 00:16
VLAI
Summary
Cross-site scripting (XSS) vulnerability in the Violations Table in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall (WAF) 9.0 allows remote attackers to inject arbitrary web script or HTML via the username field.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.secureworks.com/cyber-threat-intellige… | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/52064 | vdb-entryx_refsource_BID |
| http://www.imperva.com/Services/adc_advisories_re… | x_refsource_CONFIRM |
| http://osvdb.org/79338 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/48086 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2012-02-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:16:35.130Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2012-002/"
},
{
"name": "securesphere-unspec-xss(73264)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73264"
},
{
"name": "52064",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52064"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.imperva.com/Services/adc_advisories_response_secureworks_CVE_2011_4887"
},
{
"name": "79338",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/79338"
},
{
"name": "48086",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48086"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-02-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Violations Table in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall (WAF) 9.0 allows remote attackers to inject arbitrary web script or HTML via the username field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2012-002/"
},
{
"name": "securesphere-unspec-xss(73264)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73264"
},
{
"name": "52064",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52064"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.imperva.com/Services/adc_advisories_response_secureworks_CVE_2011_4887"
},
{
"name": "79338",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/79338"
},
{
"name": "48086",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48086"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4887",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Violations Table in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall (WAF) 9.0 allows remote attackers to inject arbitrary web script or HTML via the username field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2012-002/",
"refsource": "MISC",
"url": "http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2012-002/"
},
{
"name": "securesphere-unspec-xss(73264)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73264"
},
{
"name": "52064",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52064"
},
{
"name": "http://www.imperva.com/Services/adc_advisories_response_secureworks_CVE_2011_4887",
"refsource": "CONFIRM",
"url": "http://www.imperva.com/Services/adc_advisories_response_secureworks_CVE_2011_4887"
},
{
"name": "79338",
"refsource": "OSVDB",
"url": "http://osvdb.org/79338"
},
{
"name": "48086",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48086"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-4887",
"datePublished": "2014-09-11T14:00:00.000Z",
"dateReserved": "2011-12-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:16:35.130Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-0767 (GCVE-0-2011-0767)
Vulnerability from nvd – Published: 2011-06-06 19:00 – Updated: 2024-08-06 22:05
VLAI
Summary
Cross-site scripting (XSS) vulnerability in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall 6.2, 7.x, and 8.x allows remote attackers to inject arbitrary web script or HTML via an HTTP request to a firewalled server, aka Bug ID 31759.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/44772 | third-party-advisoryx_refsource_SECUNIA |
| http://www.secureworks.com/research/advisories/SW… | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.kb.cert.org/vuls/id/567774 | third-party-advisoryx_refsource_CERT-VN |
| http://www.imperva.com/resources/adc/adc_advisori… | x_refsource_CONFIRM |
Date Public
2011-05-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:05:53.534Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "44772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44772"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.secureworks.com/research/advisories/SWRX-2011-001/"
},
{
"name": "securesphere-web-server-xss(67779)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67779"
},
{
"name": "VU#567774",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/567774"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.imperva.com/resources/adc/adc_advisories_response_secureworks.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-05-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall 6.2, 7.x, and 8.x allows remote attackers to inject arbitrary web script or HTML via an HTTP request to a firewalled server, aka Bug ID 31759."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "44772",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44772"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.secureworks.com/research/advisories/SWRX-2011-001/"
},
{
"name": "securesphere-web-server-xss(67779)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67779"
},
{
"name": "VU#567774",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/567774"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.imperva.com/resources/adc/adc_advisories_response_secureworks.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2011-0767",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall 6.2, 7.x, and 8.x allows remote attackers to inject arbitrary web script or HTML via an HTTP request to a firewalled server, aka Bug ID 31759."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "44772",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44772"
},
{
"name": "http://www.secureworks.com/research/advisories/SWRX-2011-001/",
"refsource": "MISC",
"url": "http://www.secureworks.com/research/advisories/SWRX-2011-001/"
},
{
"name": "securesphere-web-server-xss(67779)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67779"
},
{
"name": "VU#567774",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/567774"
},
{
"name": "http://www.imperva.com/resources/adc/adc_advisories_response_secureworks.html",
"refsource": "CONFIRM",
"url": "http://www.imperva.com/resources/adc/adc_advisories_response_secureworks.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2011-0767",
"datePublished": "2011-06-06T19:00:00.000Z",
"dateReserved": "2011-02-03T00:00:00.000Z",
"dateUpdated": "2024-08-06T22:05:53.534Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1329 (GCVE-0-2010-1329)
Vulnerability from nvd – Published: 2010-04-15 17:00 – Updated: 2024-08-07 01:21
VLAI
Summary
Imperva SecureSphere Web Application Firewall and Database Firewall 5.0.0.5082 through 7.0.0.7078 allow remote attackers to bypass intrusion-prevention functionality via a request that has an appended long string containing an unspecified manipulation.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.clearskies.net/documents/css-advisory-… | x_refsource_MISC |
| http://www.imperva.com/resources/adc/adc_advisori… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/39472 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/510709/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2010-04-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:21:18.473Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.clearskies.net/documents/css-advisory-css1001-imperva.php"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.imperva.com/resources/adc/adc_advisories_response_clearskies.html"
},
{
"name": "39472",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39472"
},
{
"name": "20100413 Imperva SecureSphere Web Application Firewall and Database Firewall Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/510709/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Imperva SecureSphere Web Application Firewall and Database Firewall 5.0.0.5082 through 7.0.0.7078 allow remote attackers to bypass intrusion-prevention functionality via a request that has an appended long string containing an unspecified manipulation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.clearskies.net/documents/css-advisory-css1001-imperva.php"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.imperva.com/resources/adc/adc_advisories_response_clearskies.html"
},
{
"name": "39472",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39472"
},
{
"name": "20100413 Imperva SecureSphere Web Application Firewall and Database Firewall Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/510709/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1329",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Imperva SecureSphere Web Application Firewall and Database Firewall 5.0.0.5082 through 7.0.0.7078 allow remote attackers to bypass intrusion-prevention functionality via a request that has an appended long string containing an unspecified manipulation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.clearskies.net/documents/css-advisory-css1001-imperva.php",
"refsource": "MISC",
"url": "http://www.clearskies.net/documents/css-advisory-css1001-imperva.php"
},
{
"name": "http://www.imperva.com/resources/adc/adc_advisories_response_clearskies.html",
"refsource": "CONFIRM",
"url": "http://www.imperva.com/resources/adc/adc_advisories_response_clearskies.html"
},
{
"name": "39472",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39472"
},
{
"name": "20100413 Imperva SecureSphere Web Application Firewall and Database Firewall Bypass Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/510709/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1329",
"datePublished": "2010-04-15T17:00:00.000Z",
"dateReserved": "2010-04-08T00:00:00.000Z",
"dateUpdated": "2024-08-07T01:21:18.473Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}