SolarWinds Storage Resource Monitor Profiler < 6.2.3 Hotfix 1 RulesMetaData SQLi RCE

The version of SolarWinds Storage Resource Monitor SRM Profiler formerly SolarWinds Storage Manager running on the remote host is prior to 6.2.3 Hotfix 1. It is, therefore, affected by a remote code execution vulnerability in ScriptServlet due to a failure to sanitize user-supplied input to the...

SolarWinds Storage Resource Monitor Profiler Server RulesMetaData addNewRule SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RulesMetaData's addNewRule method which is reachable through t...

SolarWinds Storage Resource Monitor Profiler SQL Injection Vulnerability

SolarWinds Storage Resource Monitor SRM Profiler formerly known as Storage Manager, STM is a set of Web-based data storage management software from SolarWinds Inc. that integrates storage monitoring, reporting, alarming, and predictive analytics. A SQL injection vulnerability exists in the Web...

CVE-2016-4350

Multiple SQL injection vulnerabilities in the Web Services web server in SolarWinds Storage Resource Monitor SRM Profiler formerly Storage Manager STM before 6.2.3 allow remote attackers to execute arbitrary SQL commands via the 1 ScriptSchedule parameter in the ScriptServlet servlet; the 2...

SolarWinds Storage Resource Monitor Profiler Module QuantumMonitorServlet SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor Profiler Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the QuantumMonitorServlet servlet in...

SolarWinds Storage Resource Monitor Profiler Module HostStorageServlet SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor Profiler Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the HostStorageServlet servlet in th...

SolarWinds Storage Resource Monitor Profiler Module ScriptServlet SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor Profiler Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the ScriptServlet servlet in the...

SolarWinds Storage Resource Monitor Profiler Module XiotechMonitorServlet SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor Profiler Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the XiotechMonitorServlet servlet in...

SolarWinds Storage Resource Monitor Profiler Module BackupExceptionsServlet SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor Profiler Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the BackupExceptionsServlet servlet ...

SolarWinds Storage Resource Monitor Profiler Module DuplicateFilesServlet SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor Profiler Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the DuplicateFilesServlet servlet in...

SolarWinds Storage Resource Monitor Profiler Module XiotechMonitorServlet SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor Profiler Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the XiotechMonitorServlet servlet in...

SolarWinds Storage Resource Monitor Profiler Module ScriptServlet SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor Profiler Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the ScriptServlet servlet in the...

SolarWinds Storage Resource Monitor Profiler Module UserDefinedFieldConfigServlet SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor Profiler Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the UserDefinedFieldConfigServlet...

SolarWinds Storage Resource Monitor Profiler Module WindowsEventLogsServlet SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor Profiler Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the WindowsEventLogsServlet servlet ...

SolarWinds Storage Resource Monitor Profiler Module UserDefinedFieldConfigServlet SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor Profiler Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the UserDefinedFieldConfigServlet...

SolarWinds Storage Resource Monitor Profiler Module ProcessesServlet SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor Profiler Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the ProcessesServlet servlet in the...

SolarWinds Storage Resource Monitor Profiler Module WindowsEventLogsServlet SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor Profiler Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the WindowsEventLogsServlet servlet ...

SolarWinds Storage Resource Monitor Profiler Module XiotechMonitorServlet SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor Profiler Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the XiotechMonitorServlet servlet in...

SolarWinds Storage Resource Monitor Profiler Module HostStorageServlet SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor Profiler Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the HostStorageServlet servlet in th...

SolarWinds Storage Resource Monitor Profiler Module FileActionAssignmentServlet SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor Profiler Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the FileActionAssignmentServlet...