what you don't know can hurt you
Showing 1 - 8 of 8 RSS Feed

Files

Imperva SecureSphere 13 Remote Command Execution
Posted Oct 8, 2018
Authored by rsp3ar

Imperva SecureSphere 13 suffers from a remote command execution vulnerability.

tags | exploit, remote
MD5 | 8f9d193749d6cb158460a794d9e4e87b

Related Files

Imperva SecureSphere 13.x PWS Command Injection
Posted Mar 6, 2019
Authored by rsp3ar | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in Imperva SecureSphere version 13.x. The vulnerability exists in the PWS service, where Python CGIs did not properly sanitize user supplied command parameters and directly passes them to corresponding CLI utility, leading to command injection. Agent registration credential is required to exploit SecureSphere in gateway mode. This module was successfully tested on Imperva SecureSphere 13.0/13.1/13.2 in pre-ftl mode and unsealed gateway mode.

tags | exploit, cgi, python
MD5 | e604d6ec0f3e74e3aaaaa80c5c18a797
Imperva SecureSphere WAF 11.5 Bypass
Posted Sep 14, 2018
Authored by Damien Cabrie

Imperva SecureSphere WAF version 11.5 suffers from a bypass vulnerability due to first validating that a Content-Type header must be passed.

tags | exploit, bypass
MD5 | 64e8407adb3a1ec56bc9a51ab5a506a1
Imperva SecureSphere 11.5 / 12.0 / 13.0 Privilege Escalation
Posted Aug 2, 2018
Authored by 0x09AL

Imperva SecureSphere versions 11.5, 12.0, and 13.0 suffer from a privilege escalation vulnerability.

tags | exploit
MD5 | 904db29d917d6e785eb0a03e579dcaba
Imperva SecureSphere WAF MX 9.5.6 SQL Injection
Posted Oct 10, 2013
Authored by Mattia Folador, Giuseppe D'Amore

Imperva SecureSphere WAF MX version 9.5.6 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d7f4777d927f3e980ab8c99b62a98141
Imperva SecureSphere Operations Manager Command Execution
Posted Jun 3, 2013
Authored by Pedro Andujar

Imperva SecureSphere Operations Manager version 9.0.0.5 Enterprise Edition suffers from path disclosure, command execution, and arbitrary file upload vulnerabilities.

tags | exploit, arbitrary, vulnerability, file upload
MD5 | cdf8dfe6404a22e697acbdbeb344e4ef
Imperva SecureSphere SQL Injection Filter Bypass
Posted May 7, 2011
Authored by @drk1wi

Imperva SecureSphere suffers from a SQL injection filter bypass vulnerability.

tags | exploit, sql injection, bypass
MD5 | c45372a200ca363d3bf13f41240b2768
Imperva SecureSphere Bypass
Posted Apr 15, 2010
Authored by Scott Miles

Imperva SecureSphere Web Application Firewall and Database Firewall products can be bypassed by appending specially crafted data to requests. Protection provided by the Imperva device against attacks such as SQL injection and Cross-Site Scripting is negated, allowing unfiltered requests through to protected applications.

tags | advisory, web, xss, sql injection
advisories | CVE-2010-1329
MD5 | 87864ecd1c73311b36c76ad414210a6b
Secunia Security Advisory 29439
Posted Mar 22, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Shachar Bar (Berezniski) has reported a vulnerability in Imperva SecureSphere, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
MD5 | 6d22be65b9bf89aa2f93d8b083be3a85
Page 1 of 1
Back1Next

File Archive:

March 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    15 Files
  • 2
    Mar 2nd
    5 Files
  • 3
    Mar 3rd
    3 Files
  • 4
    Mar 4th
    25 Files
  • 5
    Mar 5th
    20 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    12 Files
  • 9
    Mar 9th
    3 Files
  • 10
    Mar 10th
    4 Files
  • 11
    Mar 11th
    23 Files
  • 12
    Mar 12th
    12 Files
  • 13
    Mar 13th
    12 Files
  • 14
    Mar 14th
    19 Files
  • 15
    Mar 15th
    12 Files
  • 16
    Mar 16th
    3 Files
  • 17
    Mar 17th
    1 Files
  • 18
    Mar 18th
    15 Files
  • 19
    Mar 19th
    22 Files
  • 20
    Mar 20th
    14 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    17 Files
  • 23
    Mar 23rd
    1 Files
  • 24
    Mar 24th
    1 Files
  • 25
    Mar 25th
    16 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close