19 matches found
Plixer Scrutinizer NetFlow & sFlow Analyzer SQL注入漏洞
Plixer Scrutinizer is a network traffic analysis system that collects, analyzes, visualizes, and reports data from every network conversation and digital transaction to provide security and network intelligence. A SQL injection vulnerability exists in Plixer Scrutinizer version 19.0.2. An attacke...
CVE-2012-1258
cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer before 9.0.1.19899 does not validate user permissions, which allow remote attackers to add user accounts with administrator privileges via the newuser, pwd, and selectedUserGroup parameters...
CVE-2012-1259
Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allow remote attackers to execute arbitrary SQL commands via the 1 addip parameter to cgi-bin/scrutfaexclusions.cgi, 2...
Sql injection
Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allow remote attackers to execute arbitrary SQL commands via the 1 addip parameter to cgi-bin/scrutfaexclusions.cgi, 2...
Cross site scripting
Cross-site scripting XSS vulnerability in cgi-bin/scrutfaexclusions.cgi in Plixer International Scrutinizer NetFlow and sFlow Analyzer 8.6.2.16204 and other versions before 9.0.1.19899 allows remote attackers to inject arbitrary web script or HTML via the standalone parameter...
CVE-2012-1261
CVE-2012-1261 describes a cross-site scripting (XSS) vulnerability in Scrutinizer NetFlow and sFlow Analyzer. The issue affects the CGI endpoint /cgi-bin/scrut_fa_exclusions.cgi, where the standalone parameter can be used to inject arbitrary web script/HTML on affected versions (8.6.2.16204 and o...
CVE-2012-1260
The CVE-2012-1260 entry describes multiple vulnerabilities in Plixer Scrutinizer NetFlow & sFlow Analyzer (Scrutinizer) up to version 8.6.2.16204, possibly affecting earlier builds, with remediation implemented in 9.0.1 (9.0.1.19899). Concrete issues include: Cross-site scripting (XSS) in cgi-bin...
CVE-2012-1259
CVE-2012-1259 concerns multiple SQL injection vulnerabilities in Plixer Scrutinizer NetFlow & sFlow Analyzer. Public details identify exploitable vectors in: (1) addip parameter to cgi-bin/scrut_fa_exclusions.cgi, (2) getPermissionsAndPreferences parameter to cgi-bin/login.cgi, and (3) various pa...
Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential (CVE-2012-3951)
An insecure default credentials config has been reported in Plixer Scrutinizer. The vulnerability is due to an insecure config of default credentials in the MySQL server. The attacker could log into MySQL server with the default credentials, and then gain arbitrary remote code execution...
Scrutinizer < 10.1.2 Multiple Vulnerabilities
The version of Scrutinizer NetFlow and sFlow Analyzer running on the remote host is a version prior to 10.1.2, and is, therefore, potentially affected by the following vulnerabilities : - A blind SQL injection vulnerability exists because the 'orderby' and 'gadget' parameters of 'faweb.cgi' fail ...
TWSL2012-014: Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer
Trustwave SpiderLabs Security Advisory TWSL2012-014: Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer Published: 07/27/12 Version: 1.0 Vendor: Plixer International http://www.plixer.com Product: Scrutinizer NetFlow and sFlow Analyzer Version affected: Confirmed 9.0.1 Build...
Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Plixer Scrutinize...
Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...
Plixer Scrutinizer NetFlow and sFlow Analyzer HTTP Authentication Bypass
This will add an administrative account to Scrutinizer NetFlow and sFlow Analyzer without any authentication. Versions such as 9.0.1 or older are affected. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...
Scrutinizer NetFlow / sFlow Analyzer 9.0.1 XSS / Bypass / File Upload
Exploit for php platform in category web applications Vendor: Plixer International http://www.plixer.com Product: Scrutinizer NetFlow and sFlow Analyzer Version affected: Confirmed 9.0.1 Build 9.0.1.19899 and prior versions may be affected as well. Please note that the software can be found in a...
Scrutinizer NetFlow & sFlow Analyzer Detection
Scrutinizer NetFlow & sFlow Analyzer, a network traffic analysis tool, was detected on the remote web server. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid58992; scriptversion"1.4"; scriptcvsdate"Date: 2019/11/22"; scriptnameenglish:"Scrutinizer NetFlow & sFlow...
TWSL2012-008: Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer
Trustwave SpiderLabs Security Advisory TWSL2012-008: Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer https://www.trustwave.com/spiderlabs/advisories/TWSL2012-008.txt Published: 04/11/12 Version: 1.0 Vendor: Plixer International http://www.plixer.com Product: Scrutinizer NetFlow a...
Scrutinizer NetFlow sFlow Analyzer - Multiple Vulnerabilities
Scrutinizer NetFlow sFlow Analyzer - Multiple Vulnerabilities Trustwave SpiderLabs Security Advisory TWSL2012-008: Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer https://www.trustwave.com/spiderlabs/advisories/TWSL2012-008.txt Published: 04/11/12 Version: 1.0 Vendor: Plixer...