CVE-2012-2962

Plixer Scrutinizer <9.5.2 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in d4d/statusFilter.php in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.2 allows remote authenticated users to execute arbitrary SQL commands via the q parameter.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/20204
metasploit WORKING POC EXCELLENT
by muts, Devon Kearns, sinn3r · rubypocphp
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/sonicwall_scrutinizer_sqli.rb
exploitdb WORKING POC VERIFIED
by muts · pythonwebappsphp
https://www.exploit-db.com/exploits/20033

References (8)

Scores

EPSS 0.9034
EPSS Percentile 99.6%

Classification

CWE
CWE-89
Status draft

Affected Products (1)

sonicwall/scrutinizer < 9.5.2

Timeline

Published Jul 30, 2012
Tracked Since Feb 18, 2026