mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-08 14:24:48 +02:00
0xMarcio
865 B
865 B
CVE-2014-9225
Description
The ajaxswing webui in the management server in Symantec Critical System Protection (SCSP) 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x through 6.0 MP1 allows remote authenticated users to obtain sensitive server information via unspecified vectors.
POC
Reference
- http://packetstormsecurity.com/files/130060/Symantec-SDCS-SA-SCSP-XSS-Bypass-SQL-Injection-Disclosure.html
- http://seclists.org/fulldisclosure/2015/Jan/91
Github
No PoCs found on GitHub currently.