Skip to main content
CVE-2016-9554 HIGH POC THREAT Act Now

The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 11.3%.

PHP Sophos Command Injection Web Appliance
NVD Exploit-DB VulDB
CVSS 3.0
7.2
EPSS
11.3%
CVE-2016-9553 HIGH POC This Week

The Sophos Web Appliance (version 4.2.1.3) is vulnerable to two Remote Command Injection vulnerabilities affecting its web administrative interface. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Sophos Command Injection Web Appliance
NVD Exploit-DB VulDB
CVSS 3.0
7.2
EPSS
6.8%
CVE-2017-5609 HIGH PATCH This Week

SQL injection vulnerability in include/functions_entries.inc.php in Serendipity 2.0.5 allows remote authenticated users to execute arbitrary SQL commands via the cat parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

SQLi PHP Serendipity
NVD GitHub VulDB
CVSS 3.0
8.8
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy