mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-29 20:30:57 +02:00
876 B
876 B
CVE-2014-9225
Description
The ajaxswing webui in the management server in Symantec Critical System Protection (SCSP) 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x through 6.0 MP1 allows remote authenticated users to obtain sensitive server information via unspecified vectors.
POC
Reference
- http://packetstormsecurity.com/files/130060/Symantec-SDCS-SA-SCSP-XSS-Bypass-SQL-Injection-Disclosure.html
- http://seclists.org/fulldisclosure/2015/Jan/91
Github
No PoCs found on GitHub currently.