Vulnerabilities > Imperva > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-04-25 CVE-2018-16660 OS Command Injection vulnerability in Imperva Securesphere 13.0.10/13.1.10/13.2.10
A command injection vulnerability in PWS in Imperva SecureSphere 13.0.0.10 and 13.1.0.10 Gateway allows an attacker with authenticated access to execute arbitrary OS commands on a vulnerable installation.
network
low complexity
imperva CWE-78
critical
 9.0
9.0
2018-11-28 CVE-2018-19646 OS Command Injection vulnerability in Imperva Securesphere 13.0.10/13.1.10/13.2.10
The Python CGI scripts in PWS in Imperva SecureSphere 13.0.10, 13.1.10, and 13.2.10 allow remote attackers to execute arbitrary OS commands because command-line arguments are mishandled.
network
low complexity
imperva CWE-78
critical
 10.0
10