CVE-2013-7092

Currently unrated

Key Information:

Vendor: Mcafee
Status: Email Gateway
Vendor: CVE Published:; 13 December 2013

Summary

Multiple SQL injection vulnerabilities in /admin/cgi-bin/rpc/doReport/18 in McAfee Email Gateway 7.6 allow remote authenticated users to execute arbitrary SQL commands via the (1) events_col, (2) event_id, (3) reason, (4) events_order, (5) emailstatus_order, or (6) emailstatus_col JSON keys.

References

http://packetstormsecurity.com/files/124277/McAfee-Email-...

x_refsource_MISC

http://www.securityfocus.com/bid/64150

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/90161

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Dec 13, 2013
Vulnerability Reserved
Dec 13, 2013