Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
plixer scrutinizer vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-41262
An issue exists in /fcgi/scrut_fcgi.fcgi in Plixer Scrutinizer prior to 19.3.1. The csvExportReport endpoint action generateCSV is vulnerable to SQL injection through the sorting parameter, allowing an unauthenticated user to execute arbitrary SQL statements in the context of the...
Plixer Scrutinizer
NA
CVE-2023-41263
An issue exists in Plixer Scrutinizer prior to 19.3.1. It exposes debug logs to unauthenticated users at the /debug/ URL path. With knowledge of valid IP addresses and source types, an unauthenticated attacker can download debug logs containing application-related information.
Plixer Scrutinizer
NA
CVE-2023-41261
An issue exists in /fcgi/scrut_fcgi.fcgi in Plixer Scrutinizer prior to 19.3.1. The csvExportReport endpoint action generateCSV does not require authentication and allows an unauthenticated user to export a report and access the results.
Plixer Scrutinizer
445
VMScore
CVE-2021-28993
Plixer Scrutinizer 19.0.2 is affected by: SQL Injection. The impact is: obtain sensitive information (remote).
Plixer Scrutinizer 19.0.2
405
VMScore
CVE-2012-1258
cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer prior to 9.0.1.19899 does not validate user permissions, which allow remote malicious users to add user accounts with administrator privileges via the newuser, pwd, and selectedUserGroup parame...
Plixer Scrutinizer Netflow \\& Sflow Analyzer
1 EDB exploit
755
VMScore
CVE-2012-1259
Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions prior to 9.0.1.19899, allow remote malicious users to execute arbitrary SQL commands via the (1) addip parameter to cgi-bin/scrut_fa_ex...
Plixer Scrutinizer Netflow \\& Sflow Analyzer
1 EDB exploit
435
VMScore
CVE-2012-1260
Cross-site scripting (XSS) vulnerability in cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions prior to 9.0.1.19899, allows remote malicious users to inject arbitrary web script or HTML via the newUser p...
Plixer Scrutinizer Netflow \\& Sflow Analyzer
1 EDB exploit
435
VMScore
CVE-2012-1261
Cross-site scripting (XSS) vulnerability in cgi-bin/scrut_fa_exclusions.cgi in Plixer International Scrutinizer NetFlow and sFlow Analyzer 8.6.2.16204 and other versions prior to 9.0.1.19899 allows remote malicious users to inject arbitrary web script or HTML via the standalone p...
Plixer Scrutinizer Netflow \\& Sflow Analyzer
1 EDB exploit
505
VMScore
CVE-2012-2626
cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) prior to 9.5.0 does not require token authentication, which allows remote malicious users to add administrative accounts via a userprefs action.
Sonicwall Scrutinizer
1 EDB exploit
945
VMScore
CVE-2012-2627
d4d/uploader.php in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) prior to 9.5.0 allows remote malicious users to create or overwrite arbitrary files in %PROGRAMFILES%\Scrutinizer\snmp\mibs\ via a multipart/form-data POST request.
Sonicwall Scrutinizer
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »