Lucene search
+L

40 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-4891

Malware in sbrugna...

5.5CVSS6.4AI score0.0274EPSS
Exploits1References7
Check Point Advisories
Check Point Advisories
added 2017/05/21 12:0 a.m.39 views

Dell SonicWALL Scrutinizer methodDetail SQL Injection (CVE-2014-4977)

An SQL injection vulnerability exists in Dell SonicWALL Scrutinizer. A remote, authenticated attacker can exploit this vulnerability by sending a crafted request. Successful exploitation of this vulnerability can lead to arbitrary code execution in the context of SYSTEM for windows or as Apache f...

6.5CVSS3.1AI score0.74932EPSS
Exploits5
0day.today
0day.today
added 2016/05/17 12:0 a.m.57 views

Dell SonicWALL Scrutinizer 11.01 - methodDetail SQL Injection (Metasploit)

Exploit for multiple platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection",...

6.5CVSS6.6AI score0.74932EPSS
Exploits5
Exploit DB
Exploit DB
added 2016/05/17 12:0 a.m.30 views

Dell SonicWALL Scrutinizer 11.01 - methodDetail SQL Injection (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection", 'Description' = %q This module exploits a vulnerability found in...

6.5CVSS7AI score0.74932EPSS
Exploits5
Metasploit
Metasploit
added 2016/05/12 3:27 a.m.24 views

Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection

This module exploits a vulnerability found in Dell SonicWALL Scrutinizer. The methodDetail parameter in exporters.php allows an attacker to write arbitrary files to the file system with an SQL Injection attack, and gain remote code execution under the context of SYSTEM for Windows, or as Apache f...

6.5CVSS0.6AI score0.74932EPSS
Exploits5
NVD
NVD
added 2014/07/16 2:19 p.m.23 views

CVE-2014-4977

Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer 11.0.1 allow remote authenticated users to execute arbitrary SQL commands via the 1 selectedUserGroup parameter in a create new user request to cgi-bin/admin.cgi or the 2 userid parameter in the changeUnit function, 3 methodDeta...

6.5CVSS8AI score0.74932EPSS
Exploits5References8
Prion
Prion
added 2014/07/16 2:19 p.m.15 views

Sql injection

Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer 11.0.1 allow remote authenticated users to execute arbitrary SQL commands via the 1 selectedUserGroup parameter in a create new user request to cgi-bin/admin.cgi or the 2 userid parameter in the changeUnit function, 3 methodDeta...

6.5CVSS8.7AI score0.74932EPSS
Exploits5References8Affected Software1
Cvelist
Cvelist
added 2014/07/16 2:0 p.m.31 views

CVE-2014-4977

Multiple SQL injection vulnerabilities in Dell SonicWall Scrutinizer 11.0.1 allow remote authenticated users to execute arbitrary SQL commands via the 1 selectedUserGroup parameter in a create new user request to cgi-bin/admin.cgi or the 2 userid parameter in the changeUnit function, 3 methodDeta...

8AI score0.74932EPSS
Exploits5References8
0day.today
0day.today
added 2014/07/12 12:0 a.m.33 views

Dell Sonicwall Scrutinizer 11.01 Code Execution / SQL Injection

Dell Sonicwall Scrutinizer version 11.01 is vulnerable to an authenticated SQL injection that allows an attacker to write arbitrary files to the file system. This vulnerability can be used to write a PHP script to the file system to gain remote command execution. Metasploit module included. Dell...

8.5AI score
Exploits0
Packet Storm
Packet Storm
added 2014/07/10 12:0 a.m.33 views

Dell Sonicwall Scrutinizer 11.01 Code Execution / SQL Injection

Dell Scrutinizer 11.01 several vulnerabilities http://www.mysonicwall.com has a trial available. Dell Sonicwall Scrutinizer suffers from several SQL injections, many of which can end up with remote code execution. An attacker needs to be authenticated, but not as an administrator. However, that...

0.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Dell SonicWALL Scrutinizer 9 SQL Injection

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Dell SonicWALL Scrutinizer 9.0.1 (statusFilter.php q parameter) SQL Injection

No description provided by source. !/usr/bin/python Exploit Title: Dell SonicWALL Scrutinizer 9.0.1 statusFilter.php q parameter SQL Injection Date: Jul 22 2012 Author: muts Version: SonicWALL Scrutinizer 9.0.1 Vendor URL: http://www.sonicwall.com Special thanks to: Tal Zeltzer Timeline: 12 Jun...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.34 views

Sonicwall Scrutinizer 9.5.2 - SQL Injection Vulnerability

No description provided by source. Title: ====== Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability Date: ===== 2013-02-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=789 9984: Investigate Vulnerability Lab issues this ticket included tracking the creation o...

7.1AI score
Exploits0
Dsquare
Dsquare
added 2013/06/09 12:0 a.m.26 views

SonicWALL Scrutinizer 9.0.1 alarms.php SQL Injection

SQL Injection vulnerability in alarms.php Vulnerability Type: SQL Injection For the exploit source code contact DSquare Security sales team...

7.5CVSS1.1AI score0.04247EPSS
Exploits7References3
securityvulns
securityvulns
added 2013/02/18 12:0 a.m.58 views

Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability

Title: ====== Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability Date: ===== 2013-02-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=789 9984: Investigate Vulnerability Lab issues this ticket included tracking the creation of our DBI shim to error on semi-col...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2013/02/18 12:0 a.m.43 views

Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities

Title: ====== Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities Date: ===== 2013-02-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=786 VL-ID: ===== 786 Common Vulnerability Scoring System: ==================================== 5.2 Introduction: ============...

7.5AI score
Exploits0
exploitpack
exploitpack
added 2013/02/14 12:0 a.m.33 views

Dell SonicWALL Scrutinizer - Multiple HTML Injection Vulnerabilities

Dell SonicWALL Scrutinizer - Multiple HTML Injection Vulnerabilities source: https://www.securityfocus.com/bid/57949/info The Dell SonicWALL Scrutinizer is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploits will allow...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2013/02/14 12:0 a.m.39 views

Dell SonicWALL Scrutinizer - Multiple HTML Injection Vulnerabilities

source: https://www.securityfocus.com/bid/57949/info The Dell SonicWALL Scrutinizer is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2013/02/14 12:0 a.m.32 views

SonicWALL Scrutinizer 9.5.2 - SQL Injection

Title: ====== Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability Date: ===== 2013-02-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=789 9984: Investigate Vulnerability Lab issues this ticket included tracking the creation of our DBI shim to error on semi-col...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2013/02/13 12:0 a.m.37 views

Sonicwall Scrutinizer 9.5.2 SQL Injection

Title: ====== Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability Date: ===== 2013-02-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=789 9984: Investigate Vulnerability Lab issues this ticket included tracking the creation of our DBI shim to error on semi-col...

0.1AI score
Exploits0
Rows per page
Query Builder