Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allow remote attackers to execute arbitrary SQL commands via the (1) addip parameter to cgi-bin/scrut_fa_exclusions.cgi, (2) getPermissionsAndPreferences parameter to cgi-bin/login.cgi, or (3) possibly certain parameters to d4d/alarms.php as demonstrated by the search_str parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Plixer Scrutinizer NetFlow & sFlow Analyzer SQL注入漏洞
Vulnerability Description
Plixer Scrutinizer NetFlow & sFlow Analyzer是美国Plixer公司的一套网络流量分析系统。该系统提供流量监视、上下文取证和安全分析等功能。 Plixer Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204及之后版本(9.0.1.19899版本已修复)中存在SQL注入漏洞。远程攻击者可借助‘addip’、‘getPermissionsAndPreferences’或其他参数利用该漏洞执行任意的SQL命令。
CVSS Information
N/A
Vulnerability Type
N/A