Vulnerabilities > CVE-2002-0709 - SQL Injection vulnerability in Surfcontrol Superscout web Filter and web Filter

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

surfcontrol

exploit available

NVD

Published: 2002-10-10

Updated: 2016-10-18

Summary

SQL injection vulnerabilities in the Web Reports Server for SurfControl SuperScout WebFilter allow remote attackers to execute arbitrary SQL queries via the RunReport option to SimpleBar.dll, and possibly other DLLs.

Vulnerable Configurations

Part	Description	Count
Application	Surfcontrol Surfcontrol Superscout WEB Filter 3.0 Surfcontrol Superscout WEB Filter 3.0.3 Surfcontrol WEB Filter 4.0 Surfcontrol WEB Filter 4.1	4

Exploit-Db

description	SurfControl SuperScout WebFilter for windows 2000 SQL Injection Vulnerability. CVE-2002-0709. Remote exploit for windows platform
id	EDB-ID:21898
last seen	2016-02-02
modified	2002-10-02
published	2002-10-02
reporter	Matt Moore
source	https://www.exploit-db.com/download/21898/
title	SurfControl SuperScout WebFilter for windows 2000 SQL Injection Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References