CVE-2002-0709

SurfControl SuperScout WebFilter - SQL Injection via SimpleBar.dll RunReport Option

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-0709. PoCs published by Matt Moore.

AI-analyzed exploit summary The provided text describes a SQL injection vulnerability in SurfControl SuperScout WebFilter Reports Server, where insufficient input validation in certain .dll files allows remote attackers to modify SQL queries. This can lead to database corruption or sensitive information disclosure.

Description

SQL injection vulnerabilities in the Web Reports Server for SurfControl SuperScout WebFilter allow remote attackers to execute arbitrary SQL queries via the RunReport option to SimpleBar.dll, and possibly other DLLs.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Matt Moore · textremotewindows
https://www.exploit-db.com/exploits/21898

The provided text describes a SQL injection vulnerability in SurfControl SuperScout WebFilter Reports Server, where insufficient input validation in certain .dll files allows remote attackers to modify SQL queries. This can lead to database corruption or sensitive information disclosure.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: SurfControl SuperScout WebFilter Reports Server
No auth needed
Prerequisites: Network access to the target server · Vulnerable version of SurfControl SuperScout WebFilter Reports Server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5859
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=103359690824103&w=2
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/10245.php

Scores

EPSS 0.0114
EPSS Percentile 62.4%

Details

Status published
Products (4)
surfcontrol/superscout_web_filter 3.0
surfcontrol/superscout_web_filter 3.0.3
surfcontrol/web_filter 4.0
surfcontrol/web_filter 4.1
Published Oct 10, 2002
Tracked Since Feb 18, 2026