CVE-2012-2962

Related Files

Dell SonicWALL Scrutinizer 9 SQL Injection

Posted Aug 3, 2012

Authored by muts, sinn3r, Devon Kearns | Site metasploit.com

This Metasploit module exploits a vulnerability found in Dell SonicWall Scrutinizer. While handling the 'q' parameter, the PHP application does not properly filter the user-supplied data, which can be manipulated to inject SQL commands, and then gain remote code execution. Please note that authentication is NOT needed to exploit this vulnerability.

tags | exploit, remote, php, code execution

advisories | CVE-2012-2962, OSVDB-84232

SHA-256 | 2fd37f85b3b97b8f8c3c3028dc3ce694832b09af2ec361d954d869e453380a88

Download | Favorite | View

Dell SonicWALL Scrutinizer 9.0.1 SQL Injection

Posted Jul 22, 2012

Authored by muts

Dell SonicWALL Scrutinizer version 9.0.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

advisories | CVE-2012-2962

SHA-256 | 51f8331d268be99ec1bf0765163b49d3c86e2071fd657509a74930a28343e6f9

Download | Favorite | View