CVE-2011-0549 Information

Description

SQL injection vulnerability in forget.php in the management GUI in Symantec Web Gateway 4.5.x allows remote attackers to execute arbitrary SQL commands via the username parameter.

Reference

http://secunia.com/advisories/45146 http://securitytracker.com/id?1025753 http://www.securityfocus.com/bid/48318 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110707_00 http://www.zerodayinitiative.com/advisories/ZDI-11-233/ https://exchange.xforce.ibmcloud.com/vulnerabilities/68428