CVE-2011-5262

Sonicwall Aventail Sra EX Virtual Appliance - SQL Injection

Title source: rule

Description

SQL injection vulnerability in prodpage.cfm in SonicWALL Aventail allows remote attackers to execute arbitrary SQL commands via the CategoryID parameter.

Exploits (1)

exploitdb WRITEUP

by Asheesh kumar · textwebappshardware

https://www.exploit-db.com/exploits/18122

View Code ZIP pw:eip

References (3)

Core 3

Core References

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/18122

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/50702

Exploit vdb-entry x_refsource_osvdb

http://www.osvdb.org/77484

Scores

EPSS 0.0039

EPSS Percentile 60.3%

Details

CWE

CWE-89

Status published

Products (4)

sonicwall/aventail_sra_ex6000

sonicwall/aventail_sra_ex7000

sonicwall/aventail_sra_ex9000

sonicwall/aventail_sra_ex_virtual_appliance

Published Feb 12, 2013

Tracked Since Feb 18, 2026