2 matches found
SolarWinds Storage Resource Monitor Profiler addNewRule SQL Injection RCE
The SolarWinds Storage Resource Monitor SRM Profiler formerly SolarWinds Storage Manager running on the remote host is affected by a remote code execution vulnerability in ScriptServlet due to a failure to sanitize user-supplied input to the addNewRule method of the RulesMetaData class. An...
Sql injection
Multiple SQL injection vulnerabilities in the Web Services web server in SolarWinds Storage Resource Monitor SRM Profiler formerly Storage Manager STM before 6.2.3 allow remote attackers to execute arbitrary SQL commands via the 1 ScriptSchedule parameter in the ScriptServlet servlet; the 2...