SQL Injection Vulnerability in Plixer Scrutinizer by Dell SonicWALL
CVE-2012-2962

Currently unrated

Key Information:

Vendor: Sonicwall
Status: Scrutinizer
Vendor: CVE Published:; 30 July 2012

Summary

A SQL injection vulnerability exists in the statusFilter.php script within Plixer Scrutinizer, allowing remote authenticated users to execute arbitrary SQL commands through the manipulation of the q parameter. This flaw can potentially lead to unauthorized access to the database and manipulation of sensitive data if exploited.

References

http://www.osvdb.org/84232

vdb-entryx_refsource_OSVDB

http://secunia.com/advisories/50052

third-party-advisoryx_refsource_SECUNIA

http://www.sonicwall.com/shared/download/Dell_SonicWALL_S...

x_refsource_CONFIRM

EPSS Score

90% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 30, 2012
Vulnerability Reserved
May 30, 2012