Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
plixer scrutinizer vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2023-41261
An issue exists in /fcgi/scrut_fcgi.fcgi in Plixer Scrutinizer prior to 19.3.1. The csvExportReport endpoint action generateCSV does not require authentication and allows an unauthenticated user to export a report and access the results.
Plixer Scrutinizer
9.8
CVSSv3
CVE-2023-41262
An issue exists in /fcgi/scrut_fcgi.fcgi in Plixer Scrutinizer prior to 19.3.1. The csvExportReport endpoint action generateCSV is vulnerable to SQL injection through the sorting parameter, allowing an unauthenticated user to execute arbitrary SQL statements in the context of the...
Plixer Scrutinizer
3.7
CVSSv3
CVE-2023-41263
An issue exists in Plixer Scrutinizer prior to 19.3.1. It exposes debug logs to unauthenticated users at the /debug/ URL path. With knowledge of valid IP addresses and source types, an unauthenticated attacker can download debug logs containing application-related information.
Plixer Scrutinizer
7.5
CVSSv3
CVE-2021-28993
Plixer Scrutinizer 19.0.2 is affected by: SQL Injection. The impact is: obtain sensitive information (remote).
Plixer Scrutinizer 19.0.2
6.5
CVSSv3
CVE-2012-1258
cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer prior to 9.0.1.19899 does not validate user permissions, which allow remote malicious users to add user accounts with administrator privileges via the newuser, pwd, and selectedUserGroup parame...
Plixer Scrutinizer Netflow \\& Sflow Analyzer
1 EDB exploit
9.8
CVSSv3
CVE-2012-1259
Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions prior to 9.0.1.19899, allow remote malicious users to execute arbitrary SQL commands via the (1) addip parameter to cgi-bin/scrut_fa_ex...
Plixer Scrutinizer Netflow \\& Sflow Analyzer
1 EDB exploit
6.1
CVSSv3
CVE-2012-1260
Cross-site scripting (XSS) vulnerability in cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions prior to 9.0.1.19899, allows remote malicious users to inject arbitrary web script or HTML via the newUser p...
Plixer Scrutinizer Netflow \\& Sflow Analyzer
1 EDB exploit
6.1
CVSSv3
CVE-2012-1261
Cross-site scripting (XSS) vulnerability in cgi-bin/scrut_fa_exclusions.cgi in Plixer International Scrutinizer NetFlow and sFlow Analyzer 8.6.2.16204 and other versions prior to 9.0.1.19899 allows remote malicious users to inject arbitrary web script or HTML via the standalone p...
Plixer Scrutinizer Netflow \\& Sflow Analyzer
1 EDB exploit
NA
CVE-2012-2626
cgi-bin/admin.cgi in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) prior to 9.5.0 does not require token authentication, which allows remote malicious users to add administrative accounts via a userprefs action.
Sonicwall Scrutinizer
1 EDB exploit
NA
CVE-2012-2627
d4d/uploader.php in the web console in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) prior to 9.5.0 allows remote malicious users to create or overwrite arbitrary files in %PROGRAMFILES%\Scrutinizer\snmp\mibs\ via a multipart/form-data POST request.
Sonicwall Scrutinizer
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »