CVE-2012-1259

by Fred · 09/01/2020

Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allow remote attackers to execute arbitrary SQL commands via the (1) addip parameter to cgi-bin/scrut_fa_exclusions.cgi, (2) getPermissionsAndPreferences parameter to cgi-bin/login.cgi, or (3) possibly certain parameters to d4d/alarms.php as demonstrated by the search_str parameter.

Date published : 2020-01-09

http://packetstormsecurity.org/files/111791/Scrutinizer-8.6.2-Bypass-Cross-Site-Scripting-SQL-Injection.html

http://www.exploit-db.com/exploits/18750

CVE-2012-1259

Similar

Recent Posts

Categories

CVE-2012-1259

Share this:

Similar

Recent Posts

Categories

Tags