Vulnerabilities > Imperva > Securesphere WEB Application Firewall
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-08 | CVE-2011-5266 | SQL Injection vulnerability in Imperva Securesphere web Application Firewall Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filter bypass. | 7.5 |
| 2014-09-11 | CVE-2011-4887 | Cross-Site Scripting vulnerability in Imperva Securesphere web Application Firewall 9.0 Cross-site scripting (XSS) vulnerability in the Violations Table in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall (WAF) 9.0 allows remote attackers to inject arbitrary web script or HTML via the username field. | 4.3 |
| 2011-06-06 | CVE-2011-0767 | Cross-Site Scripting vulnerability in Imperva Securesphere web Application Firewall Cross-site scripting (XSS) vulnerability in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall 6.2, 7.x, and 8.x allows remote attackers to inject arbitrary web script or HTML via an HTTP request to a firewalled server, aka Bug ID 31759. | 4.3 |
| 2010-04-15 | CVE-2010-1329 | Unspecified vulnerability in Imperva products Imperva SecureSphere Web Application Firewall and Database Firewall 5.0.0.5082 through 7.0.0.7078 allow remote attackers to bypass intrusion-prevention functionality via a request that has an appended long string containing an unspecified manipulation. | 7.8 |