VDB
CVE-2012-2962
CVE-2012-2962
PUBLISHED
CVSS 6.5 MEDIUM
SQL injection vulnerability in d4d/statusFilter.php in Plixer Scrutinizer (aka Dell SonicWALL Scrutinizer) before 9.5.2 allows remote authenticated users to execute arbitrary SQL commands via the q parameter.
EPSS 90.34% · 99.6th percentile
Risk Scores
CVSS 2.0
6.5
EPSS Score
90.34%
99.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| sonicwall | scrutinizer | 0 |
| n/a | n/a | * |
Timeline
- Jul 30, 2012 CVE Published
- May 29, 2018 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 14, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
References
- 54625 vdb
- 84232 vdb
- 50052 third-party-advisory
- http://www.sonicwall.com/shared/download/Dell_SonicWALL_Scrutinizer_Service_Bulletin_for_SQL_injection_vulnerability_CVE.pdf url
- 20033 exploit
- http://www.plixer.com/Press-Releases/plixer-releases-9-5-2.html url
- VU#404051 third-party-advisory
- scrutinizer-statusfilter-sql-injection(77148) vdb
- https://nvd.nist.gov/vuln/detail/CVE-2012-2962 advisory